Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 19 Oct 2020 15:05:44 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 250464] dns/powerdns-recursor: Update to 4.4.0
Message-ID:  <bug-250464-7788@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250464

            Bug ID: 250464
           Summary: dns/powerdns-recursor: Update to 4.4.0
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://doc.powerdns.com/recursor/changelog/4.4.html#c
                    hange-4.4.0
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: juraj@lutter.sk
                CC: tremere@cainites.net
                CC: tremere@cainites.net
             Flags: maintainer-feedback?(tremere@cainites.net)

Created attachment 218890
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D218890&action=
=3Dedit
dns/powerdns-recursor: Update to 4.4.0

Hi,

please find the patch attached.

Changelog for 4.4.0:
Released: 19th of October 2020
Bug Fixes
  - Backport of CVE-2020-25829: Cache pollution.

Changelog for 4.4.0-rc2:
Released: 6th of October 2020
Improvements:
  - Don=E2=80=99t parse any config with =E2=80=93version.
  - Expose typed cache flush via Web API.
  - Log when going Bogus because of a missing SOA in authority.
  - Raise an exception on invalid content in unknown record.
Bug Fixes:
  - When deciding if we are auth in the local auth or forwarding case, DS is
        special.
  - Fix wipe-cache-typed.
  - Watch the descriptor again after an out-of-order read timeout.

Changelog for 4.4.0-rc1:
Released: 21st of September 2020
Bug Fixes:
  - Only do QName Minimization for the names inside a forwarded domain.
  - Fix the parsing of dont-throttle-netmasks in the presence of
        dont-throttle-names.

Changelog for 4.4.0-beta1:
Released: 31st of August 2020
Improvements:
  - Store RPZ trigger and hit in appliedPolicy and protobuf message and log
        them in the trace log.
  - Apply filtering policies (RPZ) on CNAME chains as well.
  - Fix warning: initialized lambda captures are a C++14 extension.
  - Clean some coverity reported cases of exceptions thrown but not caught.
  - Export record cache lock (contention) stats via the various channels.
  - Allow multiple local data records when doing RPZ IP matching.
  - Replace the use of =E2=80=981=E2=80=99 by QClass::IN to improve readabi=
lity.
  - Avoid name clashes on Solaris derived systems.
Bug Fixes:
  - Allow some more depth headroom for the no-qname-minimization fallback c=
ase.
  - If we have an NS in cache, use it in the forwarder case.
  - Disable outgoing v4 when query-local-address has no v4 addresses.
  - Resize hostname to final size in getCarbonHostname() (Aki Tuomi).

Changelog for 4.4.0-alpha2:
Released: 20th of July 2020
Improvements:
  - Check that DNSKEYs have the zone flag set.
  - Remove redundant toLogString() calls (Chris Hofstaedtler).
  - Stop cluttering the global namespace with validation states.
  - Use explicit flag for the specific version of c++ we=E2=80=99re targeti=
ng.
  - Use new operator to print states.
  - Refuse QType 0 right away, based on rfc6895 section 3.1.
  - Specify a storage type for validation states.
  - Common TCP write problems should only be logged if wanted.
  - Dump the authority records of a negative cache entry as well.
  - Alternative way to do =E2=80=9Cskip cname check=E2=80=9D for DS and DNS=
KEY records
  - Control stack depth when priming.
  - Add version =E2=80=98statistic=E2=80=99 to prometheus.
  - Cleanup cache cleaner pruneCollection function.
  - RPZ policy should override gettag_ffi answer by default.
  - Don=E2=80=99t copy the records when scanning for CNAME loops.
  - Do not use using namespace std; .
  - More sophisticated CNAME loop detection.
  - Use std::string_view when available (Rosen Penev).
  - Make sure we can install unsigned packages.
  - Clarify docs (Josh Soref).
  - Ensure runtime dirs for virtual services differ.
  - Builder: improve shipped config files (Chris Hofstaedtler).
  - Less negatives in error messages improves readability.
  - Boost 1.73 moved boost::bind placeholders to the placeholders namespace.
  - Fix useless copies in loop reported by clang++ 10.
  - NetmaskTree: do not test node for null, the loop guarantees node is not
        null.
  - Wrap pthread objects
  - Get rid of a naked pointer in the /dev/poll event multiplexer.
  - Random engine.
Bug Fixes:
  - Update proxy-protocol.cc (ihsinme).
  - Kill an signed vs unsigned warning on OpenBSD.
  - Don=E2=80=99t validate a NXD with a NSEC proving that the name is an EN=
T.
  - Fix three shared cache issues.
  - Limit the TTL of RRSIG records as well.
  - Avoid throwing an exception in Logger::log().

Changelog for 4.4.0-alpha1:
Released: 22th of April 2020
New Features:
  - Implement native DNS64 support, without Lua.
  - Add custom tags to RPZ hits.
  - Allow attaching a =E2=80=98routing=E2=80=99 tag string to a query in lu=
a code and use that
        tag in the record cache when appropriate.
  - Share record cache between threads.
  - Add support for Proxy Protocol between dnsdist and the recursor.
Improvements:
  - Fix warnings with llvm10 and -Wrange-loop-construct (Kirill Ponomarev).
  - Fix compilation without deprecated OpenSSL APIs (Rosen Penev).
  - Detect {Libre,Open}SSL functions availability during configure.
  - Better handling of reconnections in Remote Logger.
  - Add =E2=80=98queue full=E2=80=99 metrics for our remote logger, log at =
debug only.
  - Update boost.m4
  - Keep a masked network in the Netmask class.
  - Replace include guard ifdef/define with pragma once (Chris Hofstaedtler=
).
  - YaHTTP: Support bracketed IPv6 addresses
  - Rework NetmaskTree for better CPU and memory efficiency (Stephan Bosch).
  - RPZ dumpFile/seedFile: store/get SOA refresh on dump/load.
  - Add =E2=80=98IO wait=E2=80=99 and =E2=80=98steal=E2=80=99 metrics on Li=
nux.
  - DNSName: Don=E2=80=99t call strlen() when the length is already known.
  - Fix build with gcc-10 (Sander Hoentjen).
Bug Fixes
  - Fix compilation of the ports event multiplexer.
  - Init zone=E2=80=99s d_priority field.
  - QName Minimization sometimes uses 1 label too many.


Testport results:
https://freebsd-current.builder.wilbury.net/data/13cgx64-default/2020-10-19=
_16h34m10s/logs/powerdns-recursor-4.4.0.log

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-250464-7788>