2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2022-09-29 15:51:52 by Jonathan Perkin | Files touched by this commit (4) |
Log message:
powerdns-*: Reset PKGREVISION.
While here fix some pkglint.
|
2021-10-21 09:46:39 by Thomas Klausner | Files touched by this commit (77) |
Log message:
*: recursive bump for heimdal 7.7.0
its buildlink3.mk now includes openssl's buildlink3.mk
|
2020-07-03 14:33:14 by Juraj Lutter | Files touched by this commit (1) |
Log message:
net/powerdns-ldap: Fix dependency on mit-krb5
Pull in mit-krb5 version 1.11 or newer that contains properly exported
Kerberos ccache functions.
|
2020-07-02 15:05:21 by Juraj Lutter | Files touched by this commit (1) | |
Log message:
net/powerdns-ldap: Fix build and update for PowerDNS 4.3.0
|
2020-03-17 20:04:50 by Adam Ciarcinski | Files touched by this commit (14) | |
Log message:
powerdns: updated to 4.2.1
4.2.1
This release fixes several bugs and makes a few features more robust or \
intuitive. It also contains a few performance improvements for API users.
New Features
Add SLAVE-RENOTIFY zone metadata support
Add configurable timeout for inbound AXFR
Add CentOS 8 as builder target
gmysql backend, add an option to send the SSL capability flag
Improvements
API: reduce number of database connections
Register a few known RR types and remove an unknown one
bindbackend: use metadata for also-notifies as well
pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH, bump as if it is EPOCH
API: optionally do not return dnssec info in domain list
Basic validation of $GENERATE parameters
Bug Fixes
LUA view: do not crash on empty IP list
API: Accept headers without spaces
Avoid database state-related SERVFAILs after a LUA error
Just before 4.2.0, some SQL-related fixes broke edit-zone and other features \
with the LMDB backend. This has been fixed now.
rfc2136, pdnsutil: somewhat improve duplicate record handling
4.2.0
Compared to the last release candidate, one more bug has been fixed.
The LMDB backend is incomplete in this version. Slaving zones works, loading \
zones with pdnsutil works, but more fine grained edits (using edit-zone, or the \
REST API) fail. We hope to fix this soon in a 4.2.x release.
For an overview of features new since 4.1.x, please see the 4.2.0 announcement \
blog post.
Bug Fixes
bind getAllDomains: ignore per-zone exceptions
|
2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message:
*: Recursive revision bump for openssl 1.1.1.
|
2018-01-02 13:18:16 by Filip Hajny | Files touched by this commit (13) |
Log message:
Update net/powerdns* to 4.1.0.
PowerDNS Authoritative Server 4.1.0
===========================================================
- Improved performance: 400% speedup in some scenarios
- Crypto API: DNSSEC fully configurable via RESTful API
- Improved documentation
- Database related improvements
- Enhanced tooling
- Support for TCP Fast Open
- Support for non-local bind
- Support for Botan 2.x (and removal of support for Botan 1.10)
- Our packages now ship with PKCS #11 support.
- Recursor passthrough removal
Full changelog:
https://doc.powerdns.com/authoritative/changelog/4.1.html
PowerDNS Authoritative Server 4.0.5
===========================================================
Fixes
- Fix for missing check on API operations (CVE-2017-15091)
- Bindbackend: do not corrupt data supplied by other backends in
getAllDomains
- API: prevent sending nameservers list and zone-level NS in rrsets
- gpgsql: make statement names actually unique
- Fix remotebackend params
- Fix godbc query logging
- For create-slave-zone, actually add all slaves, and not only first n
times
- Fix a regression in axfr-rectify + test
- When making a netmask from a comboaddress, we neglected to zero the
port
- Fix libatomic detection on ppc64
- Catch DNSName exception in the Zoneparser
- Publish inactive KSK/CSK as CDNSKEY/CDS
- Handle AFSDB record separately due to record structure.
- Treat requestor's payload size lower than 512 as equal to 512
- Correctly purge entries from the caches after a transfer
- Handle a signing pipe worker dying with work still pending
- Ignore SOA-EDIT for PRESIGNED zones.
- Check return value for all getTSIGKey calls.
Improvements
- Fix ldap-strict autoptr feature, including a test
- mydnsbackend: Add getAllDomains
- Stubresolver: Use only recursor setting if given
- LuaWrapper: Allow embedded NULs in strings received from Lua
- sdig: Clarify that the ednssubnet option takes "subnet/mask"
- Tests: Ensure all required tools are available
- PowerDNS sdig does not truncate trailing bits of EDNS Client Subnet
mask
- LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace
- Add support for Botan 2.x
- Ship ldapbackend schema files in tarball
- Collection of schema changes
- Fix typo in two log messages
- Add help text on autodetecting systemd support
- Use a unique pointer for bind backend's d_of
- Fix some of the issues found by @jpmens
|
2016-06-03 13:45:34 by Filip Hajny | Files touched by this commit (6) |
Log message:
Update net/powerdns (and modules) to 3.4.9.
PowerDNS Authoritative Server 3.4.9
===================================
This is a minor bugfix and performance release. Two contributions
by Kees Monshouwer make 3.4.9 fully compatible with the new single
key ECDSA default that is coming in version 4.0.0.
Changes since 3.4.8:
- use OpenSSL for ECDSA signing where available (Kees Monshouwer)
- allow common signing key (Kees Monshouwer)
- Add a disable-syslog setting
- fix SOA caching with multiple backends (Kees Monshouwer)
- whitespace-related zone parsing fixes ticket #3568
- bindbackend: fix, set domain in list() (Kees Monshouwer)
PowerDNS Authoritative Server 3.4.8
===================================
This is a small bugfix release. Additionally, the deb/RPM packages
on downloads.powerdns.com (those with -static in the name) for
3.4.8 have been built against Botan 1.10.11 instead of Botan
1.10.3 like previous packages. Please see the Botan Security page
for more information on the fixes in Botan 1.10.11. As a PowerDNS
user, these issues only affect you if you ran our -static packages
and allowed your users to upload private keys to your
configuration.
Changes since 3.4.7:
- Use AC_SEARCH_LIBS (Ruben Kerkhof)
- Check for inet_aton in libresolv (Ruben Kerkhof)
- Remove hardcoded -lresolv, -lnsl and -lsocket (Ruben Kerkhof)
- pdnssec: don't check disabled records (Pieter Lexis)
- pdnssec: check all records (including disabled ones) only in
verbose mode (Kees Monshouwer)
- traling dot in DNAME content (Kees Monshouwer)
- Fix luabackend compilation on FreeBSD i386 (RvdE)
- silence g++ 6.0 warnings and error (Kees Monshouwer)
- add gcc 5.3 and 6.0 support to boost.m4 (Kees Monshouwer)
PowerDNS Authoritative Server 3.4.7
===================================
This is a security release fixing Security Advisory 2015-03
Bug fixes:
- Ignore invalid/empty TKEY and TSIG records (Christian
Hofstaedtler)
- Don't reply to truncated queries (Christian Hofstaedtler)
- don't log out-of-zone ents during AXFR in (Kees Monshouwer)
- Prevent XSS by escaping user input. Thanks to Pierre Jaury and
Damien Cauquil at Sysdream for pointing this out.
- Handle NULL and boolean properly in gPGSql (Aki Tuomi)
- Improve negative caching (Kees Monshouwer)
- Do not divide timeout twice (Aki Tuomi)
- Correctly sort records with a priority.
Improvements:
- Direct query answers and correct zone-rectification in the GeoIP
backend (Aki Tuomi)
- Use token names to identify PKCS#11 keys (Aki Tuomi)
- Fix typo in an error message (Arjen Zonneveld)
- limit NSEC3 iterations in bindbackend (Kees Monshouwer)
- Initialize minbody (Aki Tuomi)
New features:
- OPENPGPKEY record-type (James Cloos and Kees Monshouwer)
- add global soa-edit settings (Kees Monshouwer)
|
2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) |
Log message:
Bump PKGREVISION for security/openssl ABI bump.
|