[Bug 216135] dns/powerdns-recursor: Upgrade to recent version (v4.0.4) - current(4.0.3) is vulnerable
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Jan 16 10:18:44 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216135
Bug ID: 216135
Summary: dns/powerdns-recursor: Upgrade to recent version
(v4.0.4) - current(4.0.3) is vulnerable
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: i.dani at outlook.com
CC: tremere at cainites.net
Flags: maintainer-feedback?(tremere at cainites.net)
CC: tremere at cainites.net
The current version avilable for FreeBSD is vulnerable since 13.01.2017 and has
already been patched upstream.
See here:
https://blog.powerdns.com/2017/01/13/powerdns-recursor-4-0-4-released/
Available version: 4.0.3_3
Patched version: 4.0.4
Changelog
Security:
Check TSIG signature on IXFR (Security Advisory 2016-04)
Don’t parse spurious RRs in queries when we don’t need them (Security
Advisory 2016-02)
Fixes:
Add `max-recursion-depth` to limit the number of internal recursion
Wait until after daemonizing to start the RPZ and protobuf threads
On RPZ customPolicy, follow the resulting CNAME
Make the negcache forwarded zones aware
Cache records for zones that were delegated to from a forwarded zone
DNSSEC: don’t go bogus on zero configured DSs
DNSSEC: NSEC3 optout and Bogus insecure forward fixes
DNSSEC: Handle CNAMEs at the apex of secure zones to other secure zones
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list