From owner-freebsd-ports-bugs@freebsd.org Mon Oct 19 15:05:45 2020 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DC1BD42A9B4 for ; Mon, 19 Oct 2020 15:05:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4CFKnj5ZhHz3TPX for ; Mon, 19 Oct 2020 15:05:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id BD75F42A9B3; Mon, 19 Oct 2020 15:05:45 +0000 (UTC) Delivered-To: ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BC1BF42ABA2 for ; Mon, 19 Oct 2020 15:05:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CFKnj4TjDz3TRW for ; Mon, 19 Oct 2020 15:05:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7D65D25637 for ; Mon, 19 Oct 2020 15:05:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 09JF5js7061698 for ; Mon, 19 Oct 2020 15:05:45 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 09JF5j8I061697 for ports-bugs@FreeBSD.org; Mon, 19 Oct 2020 15:05:45 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 250464] dns/powerdns-recursor: Update to 4.4.0 Date: Mon, 19 Oct 2020 15:05:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: juraj@lutter.sk X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status bug_severity priority component assigned_to reporter cc flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Oct 2020 15:05:45 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250464 Bug ID: 250464 Summary: dns/powerdns-recursor: Update to 4.4.0 Product: Ports & Packages Version: Latest Hardware: Any URL: https://doc.powerdns.com/recursor/changelog/4.4.html#c hange-4.4.0 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: juraj@lutter.sk CC: tremere@cainites.net CC: tremere@cainites.net Flags: maintainer-feedback?(tremere@cainites.net) Created attachment 218890 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D218890&action= =3Dedit dns/powerdns-recursor: Update to 4.4.0 Hi, please find the patch attached. Changelog for 4.4.0: Released: 19th of October 2020 Bug Fixes - Backport of CVE-2020-25829: Cache pollution. Changelog for 4.4.0-rc2: Released: 6th of October 2020 Improvements: - Don=E2=80=99t parse any config with =E2=80=93version. - Expose typed cache flush via Web API. - Log when going Bogus because of a missing SOA in authority. - Raise an exception on invalid content in unknown record. Bug Fixes: - When deciding if we are auth in the local auth or forwarding case, DS is special. - Fix wipe-cache-typed. - Watch the descriptor again after an out-of-order read timeout. Changelog for 4.4.0-rc1: Released: 21st of September 2020 Bug Fixes: - Only do QName Minimization for the names inside a forwarded domain. - Fix the parsing of dont-throttle-netmasks in the presence of dont-throttle-names. Changelog for 4.4.0-beta1: Released: 31st of August 2020 Improvements: - Store RPZ trigger and hit in appliedPolicy and protobuf message and log them in the trace log. - Apply filtering policies (RPZ) on CNAME chains as well. - Fix warning: initialized lambda captures are a C++14 extension. - Clean some coverity reported cases of exceptions thrown but not caught. - Export record cache lock (contention) stats via the various channels. - Allow multiple local data records when doing RPZ IP matching. - Replace the use of =E2=80=981=E2=80=99 by QClass::IN to improve readabi= lity. - Avoid name clashes on Solaris derived systems. Bug Fixes: - Allow some more depth headroom for the no-qname-minimization fallback c= ase. - If we have an NS in cache, use it in the forwarder case. - Disable outgoing v4 when query-local-address has no v4 addresses. - Resize hostname to final size in getCarbonHostname() (Aki Tuomi). Changelog for 4.4.0-alpha2: Released: 20th of July 2020 Improvements: - Check that DNSKEYs have the zone flag set. - Remove redundant toLogString() calls (Chris Hofstaedtler). - Stop cluttering the global namespace with validation states. - Use explicit flag for the specific version of c++ we=E2=80=99re targeti= ng. - Use new operator to print states. - Refuse QType 0 right away, based on rfc6895 section 3.1. - Specify a storage type for validation states. - Common TCP write problems should only be logged if wanted. - Dump the authority records of a negative cache entry as well. - Alternative way to do =E2=80=9Cskip cname check=E2=80=9D for DS and DNS= KEY records - Control stack depth when priming. - Add version =E2=80=98statistic=E2=80=99 to prometheus. - Cleanup cache cleaner pruneCollection function. - RPZ policy should override gettag_ffi answer by default. - Don=E2=80=99t copy the records when scanning for CNAME loops. - Do not use using namespace std; . - More sophisticated CNAME loop detection. - Use std::string_view when available (Rosen Penev). - Make sure we can install unsigned packages. - Clarify docs (Josh Soref). - Ensure runtime dirs for virtual services differ. - Builder: improve shipped config files (Chris Hofstaedtler). - Less negatives in error messages improves readability. - Boost 1.73 moved boost::bind placeholders to the placeholders namespace. - Fix useless copies in loop reported by clang++ 10. - NetmaskTree: do not test node for null, the loop guarantees node is not null. - Wrap pthread objects - Get rid of a naked pointer in the /dev/poll event multiplexer. - Random engine. Bug Fixes: - Update proxy-protocol.cc (ihsinme). - Kill an signed vs unsigned warning on OpenBSD. - Don=E2=80=99t validate a NXD with a NSEC proving that the name is an EN= T. - Fix three shared cache issues. - Limit the TTL of RRSIG records as well. - Avoid throwing an exception in Logger::log(). Changelog for 4.4.0-alpha1: Released: 22th of April 2020 New Features: - Implement native DNS64 support, without Lua. - Add custom tags to RPZ hits. - Allow attaching a =E2=80=98routing=E2=80=99 tag string to a query in lu= a code and use that tag in the record cache when appropriate. - Share record cache between threads. - Add support for Proxy Protocol between dnsdist and the recursor. Improvements: - Fix warnings with llvm10 and -Wrange-loop-construct (Kirill Ponomarev). - Fix compilation without deprecated OpenSSL APIs (Rosen Penev). - Detect {Libre,Open}SSL functions availability during configure. - Better handling of reconnections in Remote Logger. - Add =E2=80=98queue full=E2=80=99 metrics for our remote logger, log at = debug only. - Update boost.m4 - Keep a masked network in the Netmask class. - Replace include guard ifdef/define with pragma once (Chris Hofstaedtler= ). - YaHTTP: Support bracketed IPv6 addresses - Rework NetmaskTree for better CPU and memory efficiency (Stephan Bosch). - RPZ dumpFile/seedFile: store/get SOA refresh on dump/load. - Add =E2=80=98IO wait=E2=80=99 and =E2=80=98steal=E2=80=99 metrics on Li= nux. - DNSName: Don=E2=80=99t call strlen() when the length is already known. - Fix build with gcc-10 (Sander Hoentjen). Bug Fixes - Fix compilation of the ports event multiplexer. - Init zone=E2=80=99s d_priority field. - QName Minimization sometimes uses 1 label too many. Testport results: https://freebsd-current.builder.wilbury.net/data/13cgx64-default/2020-10-19= _16h34m10s/logs/powerdns-recursor-4.4.0.log --=20 You are receiving this mail because: You are the assignee for the bug.=