diff options
| author | Kirill Ponomarev <krion@FreeBSD.org> | 2018-01-23 11:04:06 +0000 |
|---|---|---|
| committer | Kirill Ponomarev <krion@FreeBSD.org> | 2018-01-23 11:04:06 +0000 |
| commit | 8d79c7231755f7e62951138de86f993046ef6ec2 (patch) | |
| tree | 68dc2a135f7bdb9e06ff0327eead9ec4ff845d2f /dns | |
| parent | 53f7f97663a7c996635538a9260f5580c90db2b9 (diff) | |
| download | ports-8d79c7231755f7e62951138de86f993046ef6ec2.tar.gz ports-8d79c7231755f7e62951138de86f993046ef6ec2.zip | |
Update to version 4.1.1
- Fixes "PowerDNS Security Advisory 2018-01: Insufficient validation
of DNSSEC signatures". An issue has been found in the DNSSEC
validation component of PowerDNS Recursor, allowing an ancestor
delegation NSEC or NSEC3 record to be used to wrongfully prove the
non-existence of a RR below the owner name of that record. This
would allow an attacker in position of man-in-the-middle to send a
NXDOMAIN answer for a name that does exist.
The 4.0.x branch is not vulnerable.
- Add support for algo16 and simplify Lua/LuaJIT engine choice.
PR: 225397
Submitted by: maintainer
Security: CVE-2018-1000003
Notes
Notes:
svn path=/head/; revision=459742
Diffstat (limited to 'dns')
| -rw-r--r-- | dns/powerdns-recursor/Makefile | 25 | ||||
| -rw-r--r-- | dns/powerdns-recursor/distinfo | 6 |
2 files changed, 11 insertions, 20 deletions
diff --git a/dns/powerdns-recursor/Makefile b/dns/powerdns-recursor/Makefile index 7a7fa2107f83..83e523f87952 100644 --- a/dns/powerdns-recursor/Makefile +++ b/dns/powerdns-recursor/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= recursor -DISTVERSION= 4.1.0 -PORTREVISION= 3 +DISTVERSION= 4.1.1 CATEGORIES= dns ipv6 MASTER_SITES= http://downloads.powerdns.com/releases/ PKGNAMEPREFIX= powerdns- @@ -35,30 +34,22 @@ CPE_VENDOR= powerdns USE_RC_SUBR= pdns-recursor -OPTIONS_DEFINE= OPTALGO SETUID -OPTIONS_DEFAULT= LUA SETUID -OPTIONS_RADIO= LUA_RG -OPTIONS_RADIO_LUA_RG= LUA LUAJIT -LUAJIT_DESC= Enable LuaJIT -LUA_RG_DESC= Lua Engine -OPTALGO_DESC= Enable optional algorithms (12, 15 & 16) -SETUID_DESC= Run as pdns_recursor user - -LUA_CONFIGURE_WITH= lua -LUA_USES= lua - +OPTIONS_DEFINE= LUAJIT OPTALGO SETUID +OPTIONS_DEFAULT= SETUID LUAJIT_CONFIGURE_WITH= luajit +LUAJIT_DESC= Use LuaJIT instead of Lua LUAJIT_LIB_DEPENDS= libluajit-5.1.so.2:lang/luajit - +LUAJIT_USES_OFF= lua OPTALGO_CONFIGURE_ON= --enable-botan \ --enable-libdecaf \ --enable-libsodium +OPTALGO_DESC= Enable optional algorithms (12, 15 & 16) OPTALGO_LIB_DEPENDS= libbotan-2.so:security/botan2 \ libdecaf.so:security/libdecaf \ libsodium.so:security/libsodium - -SETUID_VARS= USERS=pdns_recursor GROUPS=pdns +SETUID_DESC= Run as pdns_recursor user SETUID_EXTRA_PATCHES= ${PATCHDIR}/extrapatch-setuid +SETUID_VARS= USERS=pdns_recursor GROUPS=pdns SUB_FILES= pkg-message diff --git a/dns/powerdns-recursor/distinfo b/dns/powerdns-recursor/distinfo index 8cb7076f8902..934a010ad1c4 100644 --- a/dns/powerdns-recursor/distinfo +++ b/dns/powerdns-recursor/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1512394122 -SHA256 (pdns-recursor-4.1.0.tar.bz2) = 880b9d4cc57e2b11cae5bff9b20571fb3466f4385c010d06764296fef44f60a3 -SIZE (pdns-recursor-4.1.0.tar.bz2) = 1222751 +TIMESTAMP = 1516634099 +SHA256 (pdns-recursor-4.1.1.tar.bz2) = 8feb03c7141997775cb52c131579e8e34c9896ea8bb77276328f5f6cc4e1396b +SIZE (pdns-recursor-4.1.1.tar.bz2) = 1224544 |