From nobody Tue Jan 24 06:50:57 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P1Hg55Q31z2tx8s; Tue, 24 Jan 2023 06:50:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P1Hg54tL3z4bpL; Tue, 24 Jan 2023 06:50:57 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674543057; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=y3RSXQTvovcNjj4brcwRdEF0vL/dvhR+o3pjI6Y/vEM=; b=iyu+DLntr2kSIYRefCbJK+fyORpLvK56eb1FLOtA9pm6txZ61/TZdYPLbcsa32w8aZjOXN HMlxslSvsjrAEuhdzVAxRVIaI0BgNV8GeE03ZAdhXTrmeANomS/PQXWnWxKBcMOls3HF72 oBiwsybIytKRQZeMh5/7XKGr05q1krT94sNNugMe1LUUmrNjfibIdyeCxzJ8pAhQVSjmkR 3cydb5JYI88KbYVFIcfb5y4GioU7sQ2YM0f2tnPuA/GvIxf2P9yGX3wNgKTbztwuDvfHJx OD4AXPn3YNDwiiJm5y2tmTqJPs7Fj/gPPLpvW9FA7tn8lcM+fKLjEegre/8aYw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674543057; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=y3RSXQTvovcNjj4brcwRdEF0vL/dvhR+o3pjI6Y/vEM=; b=Molllg12BFWJ3kY7dzoWpmT539IVMV9ej8cGkYMPPyrgps8W1YjtPOMKQOFg7JiY5oFm6Z Xpb3DXv7IJdW/nbyQMYGDbH1nkY3rI98sbeOyrrO166ZhFATzL0tjfjsgtfvy0HQf5tX7J TxMMFP6xhmVRHmwRiqQ8350ijFQbPrAgQs85WQUs6IcTf0Ut/I6mNrFeBiV4dtnQIMGdHV xwiY6DTFiZoEbu44In7GHIJFY+Xf4H6RNKGWjuiED6C7eEo4oFGc+cN5crKBSw5eDKL6QM Yg1Ixob4QUUuc0EoMen9ni6LLgDoesqrXY39cpwCwjja/UxdQgX+4nu2xOtSDQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674543057; a=rsa-sha256; cv=none; b=A++8OcWhCElPdPvOhzThKg4Rarb9V4wevd6hb9zKEuZ/I00N3U+p+rrPgP0cNpOCimaaSm /XYVW+iBuwpAhKO1XAzbavBwbz7S3Oal8uxRa3C+IhmQCn9+ABloa8Xs0LyOIEddTeaEoD M4Mq1qi7Luql9EBo2I2j7wd3nzTpbbxXIuzf18is5jvRtwJO1Taa4DZR0M2vyz7JPP35fo s+fP1PD2Kum9hZqccbRbCB+dwJwkl+YDVpVRGGOiB+01w1eJHk/PUbhY1+jL9asPEJiRP3 BiXU1qNPRqrGpUbQl8TnqynPeSyehf/VQz97j6HD36O4iEMGZzEtUa5Jihsgkg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4P1Hg53x6qz10fR; Tue, 24 Jan 2023 06:50:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30O6ovtP061208; Tue, 24 Jan 2023 06:50:57 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30O6ovRT061191; Tue, 24 Jan 2023 06:50:57 GMT (envelope-from git) Date: Tue, 24 Jan 2023 06:50:57 GMT Message-Id: <202301240650.30O6ovRT061191@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: =?utf-8?Q?Fernando=20Apestegu=C3=ADa?= Subject: git: 6ce46aad1724 - main - security/vuxml: register dns/powerdns-recursor vulnerability List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: fernape X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6ce46aad1724ae98a6aad1a9789389893eab4252 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by fernape: URL: https://cgit.FreeBSD.org/ports/commit/?id=6ce46aad1724ae98a6aad1a9789389893eab4252 commit 6ce46aad1724ae98a6aad1a9789389893eab4252 Author: Ralf van der Enden AuthorDate: 2023-01-23 17:12:27 +0000 Commit: Fernando ApesteguĂ­a CommitDate: 2023-01-24 06:46:41 +0000 security/vuxml: register dns/powerdns-recursor vulnerability CVE-2023-22617 PR: 269116 --- security/vuxml/vuln/2023.xml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index f257d8d280e8..c6f916049d6d 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -96,6 +96,32 @@ + + powerdns-recursor -- denial of service + + + powerdns-recursor + 4.8.04.8.1 + + + + +

PowerDNS Team reports:

+
+

PowerDNS Security Advisory 2023-01: unbounded recursion results in program termination

+
+ + + + CVE-2023-22617 + https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-01.html + + + 2023-01-20 + 2023-01-23 + + + shells/fish -- arbitrary code execution via git