svn commit: r459779 - branches/2018Q1/dns/powerdns-recursor

Kirill Ponomarev krion at FreeBSD.org
Tue Jan 23 15:45:27 UTC 2018 

Author: krion
Date: Tue Jan 23 15:45:26 2018
New Revision: 459779
URL: https://svnweb.freebsd.org/changeset/ports/459779

Log:
  MFH: r459742
  
  Update to version 4.1.1
  
  - Fixes "PowerDNS Security Advisory 2018-01: Insufficient validation
    of DNSSEC signatures". An issue has been found in the DNSSEC
    validation component of PowerDNS Recursor, allowing an ancestor
    delegation NSEC or NSEC3 record to be used to wrongfully prove the
    non-existence of a RR below the owner name of that record. This
    would allow an attacker in position of man-in-the-middle to send a
    NXDOMAIN answer for a name that does exist.
    The 4.0.x branch is not vulnerable.
  
  - Add support for algo16 and simplify Lua/LuaJIT engine choice.
  
  PR:		225397
  Submitted by:	maintainer
  Security:	CVE-2018-1000003
  
  Approved by:	ports-secteam

Modified:
  branches/2018Q1/dns/powerdns-recursor/Makefile
  branches/2018Q1/dns/powerdns-recursor/distinfo
Directory Properties:
  branches/2018Q1/   (props changed)

Modified: branches/2018Q1/dns/powerdns-recursor/Makefile
==============================================================================
--- branches/2018Q1/dns/powerdns-recursor/Makefile	Tue Jan 23 15:17:54 2018	(r459778)
+++ branches/2018Q1/dns/powerdns-recursor/Makefile	Tue Jan 23 15:45:26 2018	(r459779)
@@ -46,15 +46,17 @@ LUA_CONFIGURE_WITH=	lua
 LUA_USES=		lua
 
 LUAJIT_CONFIGURE_WITH=	luajit
+LUAJIT_DESC=		Use LuaJIT instead of Lua
 LUAJIT_LIB_DEPENDS=	libluajit-5.1.so.2:lang/luajit
-
+LUAJIT_USES_OFF=	lua
 OPTALGO_CONFIGURE_ON=	--enable-botan \
 			--enable-libsodium
+OPTALGO_DESC=		Enable optional algorithms (12, 15 & 16)
 OPTALGO_LIB_DEPENDS=	libbotan-2.so:security/botan2 \
 			libsodium.so:security/libsodium
-
-SETUID_VARS=	USERS=pdns_recursor GROUPS=pdns
+SETUID_DESC=		Run as pdns_recursor user
 SETUID_EXTRA_PATCHES=	${PATCHDIR}/extrapatch-setuid
+SETUID_VARS=		USERS=pdns_recursor GROUPS=pdns
 
 SUB_FILES=	pkg-message
 

Modified: branches/2018Q1/dns/powerdns-recursor/distinfo
==============================================================================
--- branches/2018Q1/dns/powerdns-recursor/distinfo	Tue Jan 23 15:17:54 2018	(r459778)
+++ branches/2018Q1/dns/powerdns-recursor/distinfo	Tue Jan 23 15:45:26 2018	(r459779)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1512394122
-SHA256 (pdns-recursor-4.1.0.tar.bz2) = 880b9d4cc57e2b11cae5bff9b20571fb3466f4385c010d06764296fef44f60a3
-SIZE (pdns-recursor-4.1.0.tar.bz2) = 1222751
+TIMESTAMP = 1516634099
+SHA256 (pdns-recursor-4.1.1.tar.bz2) = 8feb03c7141997775cb52c131579e8e34c9896ea8bb77276328f5f6cc4e1396b
+SIZE (pdns-recursor-4.1.1.tar.bz2) = 1224544

More information about the svn-ports-branches mailing list