[Bug 247707] dns/powerdns-recursor: update to 4.3.2

Thu Jul 2 08:44:36 UTC 2020

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247707

            Bug ID: 247707
           Summary: dns/powerdns-recursor: update to 4.3.2
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: tremere at cainites.net

Created attachment 216129
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=216129&action=edit
Update to PowerDNS Recursor 4.3.2

This update contains a security fix for CVE-2020-14196.

The issue is:

CVE-2020-14196: An issue has been found in PowerDNS Recursor where the ACL
applied to the internal web server via webserver-allow-from is not properly
enforced, allowing a remote attacker to send HTTP queries to the internal web
server, bypassing the restriction.

In the default configuration the API webserver is not enabled. Only
installations using a non-default value for webserver and webserver-address are
affected.

As usual, there were also other smaller enhancements and bugfixes. In
particular, the 4.3.2 release contains fixes that allow long CNAME chains to
resolve properly, where previously they could fail if qname minimization is
enabled.

QA:
portlint: OK (looks fine.)
testport: OK (12.1, amd64)

Removed file(s):
files/patch-hostnamemax (no longer necessary since it has been merged by
upstream)

-- 
You are receiving this mail because:
You are the assignee for the bug.