Date: Fri, 10 Apr 2026 20:20:42 +0000 From: Yusuf Yaman <nxjoseph@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: Ralf van der Enden <tremere@cainites.net> Subject: git: 0ad58b7e6683 - main - dns/dnsdist: Update 2.0.2 => 2.0.3 (security) Message-ID: <69d95b9a.44c85.7293e3c5@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by nxjoseph: URL: https://cgit.FreeBSD.org/ports/commit/?id=0ad58b7e668391fc44e965e211f4a86eeb87b808 commit 0ad58b7e668391fc44e965e211f4a86eeb87b808 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2026-03-31 12:46:29 +0000 Commit: Yusuf Yaman <nxjoseph@FreeBSD.org> CommitDate: 2026-04-10 20:20:08 +0000 dns/dnsdist: Update 2.0.2 => 2.0.3 (security) While here: * Drop backported patch since they're in new release * Reduce portlint warnings by using increment for DISTFILES * Use <bsd.port.options.mk> instead of <bsd.port.{pre,post}.mk> Release notes: https://blog.powerdns.com/2026/03/31/powerdns-dnsdist-1.9.12-and-2.0.3-released Changelog: https://www.dnsdist.org/changelog.html#change-2.0.3 PR: 294225 Reported by: Jordan Ostreff <jordan@ostreff.info> Approved by: Ralf van der Enden <tremere@cainites.net> (maintainer) Approved by: osa (mentor) Security: CVE-2026-0396 Security: CVE-2026-0397 Security: CVE-2026-24028 Security: CVE-2026-24029 Security: CVE-2026-24030 Security: CVE-2026-27853 Security: CVE-2026-27854 MFH: 2026Q2 --- dns/dnsdist/Makefile | 9 +++--- dns/dnsdist/distinfo | 8 ++---- dns/dnsdist/files/patch-dnsdist-lua.cc | 50 ---------------------------------- 3 files changed, 7 insertions(+), 60 deletions(-) diff --git a/dns/dnsdist/Makefile b/dns/dnsdist/Makefile index 87ad763110c5..2594b72f04e2 100644 --- a/dns/dnsdist/Makefile +++ b/dns/dnsdist/Makefile @@ -1,9 +1,8 @@ PORTNAME= dnsdist -DISTVERSION= 2.0.2 -PORTREVISION= 2 +DISTVERSION= 2.0.3 CATEGORIES= dns net MASTER_SITES= https://downloads.powerdns.com/releases/ -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} +DISTFILES+= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= tremere@cainites.net COMMENT= Highly DNS-, DoS- and abuse-aware loadbalancer @@ -104,7 +103,7 @@ OPENSSL_MESON_ON= -Dlibcrypto-path=${OPENSSLBASE} SNMP_LIB_DEPENDS= libnetsnmp.so:net-mgmt/net-snmp SNMP_MESON_ENABLED= snmp -.include <bsd.port.pre.mk> +.include <bsd.port.options.mk> .if !(${OSVERSION} < 1400000 && ${SSL_DEFAULT} == "base") OPENSSL_MESON_ON+= -Dtls-libssl-providers=true @@ -115,4 +114,4 @@ OPENSSL_MESON_ON+= -Dtls-libssl-engines=true post-install: ${MV} ${STAGEDIR}${ETCDIR}/dnsdist.conf-dist ${STAGEDIR}${ETCDIR}/dnsdist.conf.sample -.include <bsd.port.post.mk> +.include <bsd.port.mk> diff --git a/dns/dnsdist/distinfo b/dns/dnsdist/distinfo index ca512a7efd1c..8915c7c04054 100644 --- a/dns/dnsdist/distinfo +++ b/dns/dnsdist/distinfo @@ -1,6 +1,6 @@ -TIMESTAMP = 1764672379 -SHA256 (dnsdist-2.0.2.tar.xz) = 3374eba65a5ca3cfb9fc59791c47e5035149fe521ccbbced5f834a17f45641bf -SIZE (dnsdist-2.0.2.tar.xz) = 2284864 +TIMESTAMP = 1774954320 +SHA256 (dnsdist-2.0.3.tar.xz) = a229250b819c40d55173afa7202ef1ef2a6b728f85c7506897a1f1ca6ab57149 +SIZE (dnsdist-2.0.3.tar.xz) = 2285640 SHA256 (rust/crates/anstyle-1.0.10.crate) = 55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9 SIZE (rust/crates/anstyle-1.0.10.crate) = 15725 SHA256 (rust/crates/cc-1.2.25.crate) = d0fc897dc1e865cc67c0e05a836d9d3f1df3cbe442aa4a9473b18e12624a4951 @@ -87,5 +87,3 @@ SHA256 (rust/crates/windows_x86_64_gnullvm-0.52.6.crate) = 24d5b23dc417412679681 SIZE (rust/crates/windows_x86_64_gnullvm-0.52.6.crate) = 435707 SHA256 (rust/crates/windows_x86_64_msvc-0.52.6.crate) = 589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec SIZE (rust/crates/windows_x86_64_msvc-0.52.6.crate) = 832564 -SHA256 (8045b2c8860c786d2ca9e13de05c431ba638c90f.diff) = e41f702c29e17595fdb0ad43c4391ef873cedf3a9b1fa36b63ddd2c9192e58e7 -SIZE (8045b2c8860c786d2ca9e13de05c431ba638c90f.diff) = 1513 diff --git a/dns/dnsdist/files/patch-dnsdist-lua.cc b/dns/dnsdist/files/patch-dnsdist-lua.cc deleted file mode 100644 index 4b002e027cbe..000000000000 --- a/dns/dnsdist/files/patch-dnsdist-lua.cc +++ /dev/null @@ -1,50 +0,0 @@ ---- dnsdist-lua.cc.orig 2025-07-21 09:54:44 UTC -+++ dnsdist-lua.cc -@@ -2260,6 +2260,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool cl - - bool ignoreTLSConfigurationErrors = false; - if (getOptionalValue<bool>(vars, "ignoreTLSConfigurationErrors", ignoreTLSConfigurationErrors) > 0 && ignoreTLSConfigurationErrors) { -+#if defined(HAVE_LIBSSL) - // we are asked to try to load the certificates so we can return a potential error - // and properly ignore the frontend before actually launching it - try { -@@ -2269,6 +2270,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool cl - errlog("Ignoring DoH frontend: '%s'", e.what()); - return; - } -+#endif /* HAVE_LIBSSL */ - } - - checkAllParametersConsumed("addDOHLocal", vars); -@@ -2357,6 +2359,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool cl - - bool ignoreTLSConfigurationErrors = false; - if (getOptionalValue<bool>(vars, "ignoreTLSConfigurationErrors", ignoreTLSConfigurationErrors) > 0 && ignoreTLSConfigurationErrors) { -+#if defined(HAVE_LIBSSL) - // we are asked to try to load the certificates so we can return a potential error - // and properly ignore the frontend before actually launching it - try { -@@ -2366,6 +2369,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool cl - errlog("Ignoring DoH3 frontend: '%s'", e.what()); - return; - } -+#endif /* HAVE_LIBSSL */ - } - - checkAllParametersConsumed("addDOH3Local", vars); -@@ -2433,6 +2437,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool cl - - bool ignoreTLSConfigurationErrors = false; - if (getOptionalValue<bool>(vars, "ignoreTLSConfigurationErrors", ignoreTLSConfigurationErrors) > 0 && ignoreTLSConfigurationErrors) { -+#if defined(HAVE_LIBSSL) - // we are asked to try to load the certificates so we can return a potential error - // and properly ignore the frontend before actually launching it - try { -@@ -2442,6 +2447,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool cl - errlog("Ignoring DoQ frontend: '%s'", e.what()); - return; - } -+#endif /* HAVE_LIBSSL */ - } - - checkAllParametersConsumed("addDOQLocal", vars);home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69d95b9a.44c85.7293e3c5>