From owner-svn-ports-all@freebsd.org Wed Aug 15 19:35:27 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D64D1106DDB2; Wed, 15 Aug 2018 19:35:26 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3901076FA4; Wed, 15 Aug 2018 19:35:17 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 016876E84; Wed, 15 Aug 2018 19:35:17 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7FJZGUg028873; Wed, 15 Aug 2018 19:35:16 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7FJZGOS028870; Wed, 15 Aug 2018 19:35:16 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201808151935.w7FJZGOS028870@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Wed, 15 Aug 2018 19:35:16 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r477279 - in branches/2018Q3/dns/knot-resolver: . files X-SVN-Group: ports-branches X-SVN-Commit-Author: pi X-SVN-Commit-Paths: in branches/2018Q3/dns/knot-resolver: . files X-SVN-Commit-Revision: 477279 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Aug 2018 19:35:27 -0000 Author: pi Date: Wed Aug 15 19:35:15 2018 New Revision: 477279 URL: https://svnweb.freebsd.org/changeset/ports/477279 Log: MFH: r477052 dns/knot-resolver: update 2.3.0 -> 2.4.1 - CVE-2018-10920: Improper input validation bug in DNS resolver component PR: 229485 Reported by: freebsd-vheg@riseup.net, Approved by: freebsd@dns.company (maintainer timeout) Relnotes: https://www.knot-resolver.cz/2018-07-03-knot-resolver-2.4.0.html https://www.knot-resolver.cz/2018-08-02-knot-resolver-2.4.1.html Security: CVE-2018-10920 Approved by: ports-secteam (miwi) Added: branches/2018Q3/dns/knot-resolver/files/patch-Makefile - copied unchanged from r477052, head/dns/knot-resolver/files/patch-Makefile Modified: branches/2018Q3/dns/knot-resolver/Makefile branches/2018Q3/dns/knot-resolver/distinfo branches/2018Q3/dns/knot-resolver/pkg-plist Directory Properties: branches/2018Q3/ (props changed) Modified: branches/2018Q3/dns/knot-resolver/Makefile ============================================================================== --- branches/2018Q3/dns/knot-resolver/Makefile Wed Aug 15 19:34:41 2018 (r477278) +++ branches/2018Q3/dns/knot-resolver/Makefile Wed Aug 15 19:35:15 2018 (r477279) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= knot-resolver -DISTVERSION= 2.3.0 -PORTREVISION= 2 +DISTVERSION= 2.4.1 CATEGORIES= dns ipv6 MASTER_SITES= https://secure.nic.cz/files/knot-resolver/ \ https://dns.company/downloads/knot-resolver/ @@ -13,11 +12,14 @@ COMMENT= Caching full resolver implementation LICENSE= GPLv3 +BUILD_DEPENDS= bash:shells/bash \ + git:devel/git LIB_DEPENDS= libgnutls.so:security/gnutls \ libknot.so:dns/knot2 \ liblmdb.so:databases/lmdb \ libluajit-5.1.so:lang/luajit \ libuv.so:devel/libuv +TEST_DEPENDS= cmocka>=1.1.1:sysutils/cmocka CONFLICTS= knot-1.* knot1-[0-6].* @@ -27,10 +29,11 @@ MAKE_ARGS+= MANDIR=${PREFIX}/man MAKE_ARGS+= PKGCONFIGDIR=${PREFIX}/libdata/pkgconfig MAKE_ARGS+= lmdb_CFLAGS=-I${PREFIX}/include lmdb_LIBS=-llmdb -USES= gmake libedit libtool ncurses pkgconfig tar:xz +USES= gmake libedit libtool ncurses pkgconfig shebangfix tar:xz +SHEBANG_FILES= scripts/coverage_env.sh USE_LDCONFIG= yes -OPTIONS_DEFINE= COOKIES DNSTAP DOXYGEN GO MEMCACHED REDIS TRUSTANCHOR +OPTIONS_DEFINE= COOKIES DNSTAP DOXYGEN GO TRUSTANCHOR COOKIES_DESC= cookies COOKIES_LIB_DEPENDS= libnettle.so:security/nettle @@ -61,18 +64,6 @@ GO_BUILD_DEPENDS= go>=1.5:lang/go GO_MAKE_ARGS_ON= HAS_go=yes GO_MAKE_ARGS_OFF= HAS_go=no -MEMCACHED_DESC= memcached in-memory data-backend -MEMCACHED_LIB_DEPENDS= libmemcached.so:databases/libmemcached -MEMCACHED_MAKE_ARGS_ON= HAS_libmemcached=yes -MEMCACHED_MAKE_ARGS_OFF= HAS_libmemcached=no -MEMCACHED_PLIST_FILES= lib/kdns_modules/memcached.so - -REDIS_DESC= redis in-memory data-backend -REDIS_LIB_DEPENDS= libhiredis.so:databases/hiredis -REDIS_MAKE_ARGS_ON= HAS_hiredis=yes -REDIS_MAKE_ARGS_OFF= HAS_hiredis=no -REDIS_PLIST_FILES= lib/kdns_modules/redis.so - TRUSTANCHOR_DESC= Trust anchor bootstrapping and stats TRUSTANCHOR_USES= lua TRUSTANCHOR_MAKE_ARGS_ON= HAS_ltn12=yes HAS_ssl.https=yes @@ -89,10 +80,10 @@ STRIP_TARGETS= sbin/kresd \ sbin/kresc \ lib/libkres.so.7 \ lib/kdns_modules/ahocorasick.so \ + lib/kdns_modules/bogus_log.so \ lib/kdns_modules/cookies.so \ lib/kdns_modules/dnstap.so \ lib/kdns_modules/hints.so \ - lib/kdns_modules/kmemcached.so \ lib/kdns_modules/stats.so post-install: Modified: branches/2018Q3/dns/knot-resolver/distinfo ============================================================================== --- branches/2018Q3/dns/knot-resolver/distinfo Wed Aug 15 19:34:41 2018 (r477278) +++ branches/2018Q3/dns/knot-resolver/distinfo Wed Aug 15 19:35:15 2018 (r477279) @@ -1,3 +1,3 @@ -TIMESTAMP = 1529357112 -SHA256 (knot-resolver-2.3.0.tar.xz) = 2d19c5daf8440bd3d2acd1886b9ede65f04f7753c6fd4618a92a1a4ba3b27a9b -SIZE (knot-resolver-2.3.0.tar.xz) = 1522788 +TIMESTAMP = 1534107905 +SHA256 (knot-resolver-2.4.1.tar.xz) = e8044316cd897ad29b3c5284de06652e1568c4d5861e3147ec2191fbacd8d9ff +SIZE (knot-resolver-2.4.1.tar.xz) = 1564784 Copied: branches/2018Q3/dns/knot-resolver/files/patch-Makefile (from r477052, head/dns/knot-resolver/files/patch-Makefile) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q3/dns/knot-resolver/files/patch-Makefile Wed Aug 15 19:35:15 2018 (r477279, copy of r477052, head/dns/knot-resolver/files/patch-Makefile) @@ -0,0 +1,8 @@ +--- Makefile.orig 2018-07-02 17:45:52.000000000 +0200 ++++ Makefile 2018-07-04 10:35:57.228161000 +0200 +@@ -1,4 +1,4 @@ +-SHELL=/bin/bash -o pipefail -o errexit ++SHELL=/usr/local/bin/bash -o pipefail -o errexit + + include config.mk + include platform.mk Modified: branches/2018Q3/dns/knot-resolver/pkg-plist ============================================================================== --- branches/2018Q3/dns/knot-resolver/pkg-plist Wed Aug 15 19:34:41 2018 (r477278) +++ branches/2018Q3/dns/knot-resolver/pkg-plist Wed Aug 15 19:35:15 2018 (r477279) @@ -28,6 +28,7 @@ include/libkres/trie.h include/libkres/utils.h include/libkres/zonecut.h lib/kdns_modules/ahocorasick.so +lib/kdns_modules/bogus_log.so lib/kdns_modules/daf.lua lib/kdns_modules/daf/daf.js lib/kdns_modules/detect_time_jump.lua @@ -64,6 +65,7 @@ lib/kdns_modules/predict.lua lib/kdns_modules/prefill.lua lib/kdns_modules/priming.lua lib/kdns_modules/prometheus.lua +lib/kdns_modules/rebinding.lua lib/kdns_modules/renumber.lua lib/kdns_modules/serve_stale.lua lib/kdns_modules/stats.so