update to powerdns-4.1.5
2018-03: Crafted zone record can cause a denial of service (CVE-2018-10851) https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html 2018-05: Packet cache pollution via crafted query (CVE-2018-14626) https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-05.html
This commit is contained in:
parent
766ddf5675
commit
65b36a0291
@ -1,10 +1,10 @@
|
||||
# $OpenBSD: Makefile,v 1.64 2018/09/09 17:47:28 florian Exp $
|
||||
# $OpenBSD: Makefile,v 1.65 2018/11/06 22:52:06 sthen Exp $
|
||||
|
||||
COMMENT-main= modular authoritative nameserver (with database support)
|
||||
COMMENT-mysql= MySQL database access module for PowerDNS
|
||||
COMMENT-pgsql= PostgreSQL database access module for PowerDNS
|
||||
|
||||
V= 4.1.4
|
||||
V= 4.1.5
|
||||
DISTNAME= pdns-${V}
|
||||
EXTRACT_SUFX = .tar.bz2
|
||||
PKGNAME-main= powerdns-${V}
|
||||
@ -24,7 +24,7 @@ PERMIT_PACKAGE_CDROM= Yes
|
||||
WANTLIB += m pthread ${COMPILER_LIBCXX}
|
||||
|
||||
WANTLIB-main += ${WANTLIB}
|
||||
WANTLIB-main += boost_program_options-mt c crypto sodium sqlite3
|
||||
WANTLIB-main += boost_program_options-mt c crypto sodium sqlite3 z
|
||||
|
||||
MASTER_SITES= https://downloads.powerdns.com/releases/
|
||||
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (pdns-4.1.4.tar.bz2) = 6UCGAzg9Ups7vuJQm3MYfSGGxQKpsFLQfiUM2POHPtU=
|
||||
SIZE (pdns-4.1.4.tar.bz2) = 1089376
|
||||
SHA256 (pdns-4.1.5.tar.bz2) = wylXCmbYxzQNOP1YLLI61kJ5m4PHJ2+w/epDA3WbT4o=
|
||||
SIZE (pdns-4.1.5.tar.bz2) = 1116238
|
||||
|
@ -1,26 +0,0 @@
|
||||
$OpenBSD: patch-pdns_opensslsigners_cc,v 1.4 2018/03/18 22:56:21 sthen Exp $
|
||||
|
||||
XXX auto-init may mean that thread locking can be avoided; if so, the whole
|
||||
"OPENSSL_VERSION_NUMBER < 0x1010000fL || defined LIBRESSL_VERSION_NUMBER)"
|
||||
block can be disabled
|
||||
|
||||
|
||||
Index: pdns/opensslsigners.cc
|
||||
--- pdns/opensslsigners.cc.orig
|
||||
+++ pdns/opensslsigners.cc
|
||||
@@ -76,6 +76,7 @@ void openssl_thread_cleanup()
|
||||
OPENSSL_free(openssllocks);
|
||||
}
|
||||
|
||||
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
|
||||
/* compat helpers. These DO NOT do any of the checking that the libssl 1.1 functions do. */
|
||||
static inline void RSA_get0_key(const RSA* rsakey, const BIGNUM** n, const BIGNUM** e, const BIGNUM** d) {
|
||||
*n = rsakey->n;
|
||||
@@ -142,6 +143,7 @@ static inline int ECDSA_SIG_set0(ECDSA_SIG* signature,
|
||||
return 1;
|
||||
}
|
||||
#endif /* HAVE_LIBCRYPTO_ECDSA */
|
||||
+#endif
|
||||
|
||||
#else
|
||||
void openssl_thread_setup() {}
|
@ -1,4 +1,4 @@
|
||||
@comment $OpenBSD: PLIST-main,v 1.12 2018/05/09 09:39:05 sthen Exp $
|
||||
@comment $OpenBSD: PLIST-main,v 1.13 2018/11/06 22:52:06 sthen Exp $
|
||||
@conflict powerdns-sqlite-*
|
||||
@conflict powerdns-sqlite3-*
|
||||
@pkgpath net/powerdns,-sqlite
|
||||
@ -6,6 +6,7 @@
|
||||
@newgroup _powerdns:609
|
||||
@newuser _powerdns:609:_powerdns:daemon:PowerDNS Server:/nonexistent:/sbin/nologin
|
||||
@sample ${SYSCONFDIR}/
|
||||
@rcscript ${RCDIR}/pdns_server
|
||||
@bin bin/dnsbulktest
|
||||
@bin bin/dnsgram
|
||||
@bin bin/dnsreplay
|
||||
@ -56,4 +57,3 @@ share/doc/pdns/schema.sqlite3.sql
|
||||
share/examples/pdns/
|
||||
share/examples/pdns/pdns.conf
|
||||
@sample ${SYSCONFDIR}/pdns.conf
|
||||
@rcscript ${RCDIR}/pdns_server
|
||||
|
Loading…
Reference in New Issue
Block a user