Date: Wed, 9 Oct 2024 20:34:13 GMT From: Vladimir Druzenko <vvd@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: 3b4fdc63688f - 2024Q4 - dns/powerdns-recursor: Update 5.1.1 =?utf-8?Q?=E2=86=92?= 5.1.2 (fix CVE-2024-25590) Message-ID: <202410092034.499KYDep073822@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2024Q4 has been updated by vvd: URL: https://cgit.FreeBSD.org/ports/commit/?id=3b4fdc63688f62f9776340778ad107e0a44ebf40 commit 3b4fdc63688f62f9776340778ad107e0a44ebf40 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2024-10-09 20:23:26 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-10-09 20:33:42 +0000 dns/powerdns-recursor: Update 5.1.1 → 5.1.2 (fix CVE-2024-25590) PowerDNS Recursor Security Advisory 2024-04: An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service. CVSS Score: 7.5 https://blog.powerdns.com/2024/10/03/powerdns-recursor-4-9-9-5-0-9-5-1-2-released PR: 281914 MFH: 2024Q4 (cherry picked from commit 7386c2ffd587aad5d720f2c117827d30bf844e3d) --- dns/powerdns-recursor/Makefile | 6 ++---- dns/powerdns-recursor/distinfo | 6 +++--- .../files/{pdns-recursor.in => pdns_recursor.in} | 8 ++++++++ dns/powerdns-recursor/files/pkg-message.in | 15 +++++++++++++++ dns/powerdns-recursor/pkg-plist | 2 +- 5 files changed, 29 insertions(+), 8 deletions(-) diff --git a/dns/powerdns-recursor/Makefile b/dns/powerdns-recursor/Makefile index 684babcbbe88..1b8e6fce5ed2 100644 --- a/dns/powerdns-recursor/Makefile +++ b/dns/powerdns-recursor/Makefile @@ -1,6 +1,5 @@ PORTNAME= recursor -DISTVERSION= 5.1.1 -PORTREVISION= 3 +DISTVERSION= 5.1.2 CATEGORIES= dns MASTER_SITES= http://downloads.powerdns.com/releases/ PKGNAMEPREFIX= powerdns- @@ -27,10 +26,9 @@ USES= autoreconf cargo compiler:c++11-lib cpe gmake libtool \ localbase:ldflags pkgconfig python:build ssl tar:bzip2 CPE_VENDOR= powerdns -USE_RC_SUBR= pdns-recursor +USE_RC_SUBR= pdns_recursor GNU_CONFIGURE= yes -GNU_CONFIGURE_MANPREFIX=${PREFIX}/share CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc/pdns \ --with-libsodium=no \ --with-service-user=pdns \ diff --git a/dns/powerdns-recursor/distinfo b/dns/powerdns-recursor/distinfo index 81dbf229cbb4..483048051798 100644 --- a/dns/powerdns-recursor/distinfo +++ b/dns/powerdns-recursor/distinfo @@ -1,6 +1,6 @@ -TIMESTAMP = 1721778766 -SHA256 (pdns-recursor-5.1.1.tar.bz2) = 5b7ab793ace822294a3f38092fe72ee64748ff0cbb8a5283dc77f40780605ae9 -SIZE (pdns-recursor-5.1.1.tar.bz2) = 1709091 +TIMESTAMP = 1728502563 +SHA256 (pdns-recursor-5.1.2.tar.bz2) = b3a37ebb20285ab9acbbb0e1370e623bb398ed3087f0e678f23ffa3b0063983d +SIZE (pdns-recursor-5.1.2.tar.bz2) = 1723288 SHA256 (rust/crates/base64-0.21.7.crate) = 9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567 SIZE (rust/crates/base64-0.21.7.crate) = 82576 SHA256 (rust/crates/cc-1.0.98.crate) = 41c270e7540d725e65ac7f1b212ac8ce349719624d7bcff99f8e2e488e8cf03f diff --git a/dns/powerdns-recursor/files/pdns-recursor.in b/dns/powerdns-recursor/files/pdns_recursor.in similarity index 86% rename from dns/powerdns-recursor/files/pdns-recursor.in rename to dns/powerdns-recursor/files/pdns_recursor.in index 122c52f47f1e..c4ea35acd8ff 100644 --- a/dns/powerdns-recursor/files/pdns-recursor.in +++ b/dns/powerdns-recursor/files/pdns_recursor.in @@ -31,6 +31,14 @@ required_files=${pdns_recursor_conf} actual_pdns_recursor_flags="${pdns_recursor_flags}" pdns_recursor_flags="" +extra_commands="showyaml" +showyaml_cmd="${name}_showyaml" + +pdns_recursor_showyaml() +{ + %%PREFIX%%/bin/rec_control show-yaml ${pdns_recursor_conf%%.*}.conf +} + pidfile="/var/run/${name}.pid" actual_command="%%PREFIX%%/sbin/${name}" command="/usr/sbin/daemon" diff --git a/dns/powerdns-recursor/files/pkg-message.in b/dns/powerdns-recursor/files/pkg-message.in index de732b5bc2cf..c0f69aa02c73 100644 --- a/dns/powerdns-recursor/files/pkg-message.in +++ b/dns/powerdns-recursor/files/pkg-message.in @@ -11,4 +11,19 @@ as recursor.conf-dist. EOM } +{ type: upgrade + minimum_version: "5.1.0" + message: <<EOM +Since version 5.1.0 the tarball no longer contains a recursor.conf-dist +and users need to start using the YAML format. + +A new command is available to the rc.d script, showyaml, which converts +the old config to YAML format. This can be run via: + service pdns_recursor showyaml + +It ony shows the new config and won't overwrite your old config. + +Please double check if everything has been converted correctly. +EOM +} ] diff --git a/dns/powerdns-recursor/pkg-plist b/dns/powerdns-recursor/pkg-plist index 8c1d25c3ff67..d3cce2ec81d5 100644 --- a/dns/powerdns-recursor/pkg-plist +++ b/dns/powerdns-recursor/pkg-plist @@ -1,4 +1,4 @@ -@sample etc/pdns/recursor.yml-dist etc/pdns/recursor.yml +etc/pdns/recursor.yml-dist bin/rec_control sbin/pdns_recursor share/man/man1/pdns_recursor.1.gz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202410092034.499KYDep073822>