Overview Repositories Revisions Requests Users Attributes Meta

Revisions of pdns

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 855745 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 71) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 836269 from Adam Majer's avatar Adam Majer (adamm) (revision 70) 
Add Bugzilla entry since original submission

- Update to 4.3.1 especially a security fix for
  PowerDNS Security Advisory 2020-05 (CVE-2020-17482, bsc#1176535)
  Other improvements and bug fixes include,
  * gpgsql: Reintroduce prepared statements
  * Handle the extra single-row result set of MySQL stored procedures
  * Raise an exception on invalid hex content in unknown records
  For details, see
  https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 834287 from Adam Majer's avatar Adam Majer (adamm) (revision 69) 
- 9070.patch: backport compilation fix vs. latest Boost 1.74
  based on https://github.com/PowerDNS/pdns/pull/9070 (bsc#1176312)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 793916 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 68) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 752958 from Adam Majer's avatar Adam Majer (adamm) (revision 66) 
- Update to 4.2.1:
  New features
  * Add SLAVE-RENOTIFY zone metadata support
  * Add configurable timeout for inbound
  * for gmysql backend, add an option to send the SSL capability flag
  Improvements
  * Register a few known RR types
  * bindbackend: use metadata for also-notifies as well
  * pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH,
    bump as if it is EPOCH
  * API: optionally do not return dnssec info in domain list
  Bug Fixes
  * LUA view: do not crash on empty IP list
  * API: Accept headers without spaces
  * Avoid database state-related SERVFAILs after a LUA error
  * Fix broken edit-zone and other features with the LMDB backend
  * rfc2136, pdnsutil: somewhat improve duplicate record handling
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 727236 from Adam Majer's avatar Adam Majer (adamm) (revision 65) 
- Update to 4.2.0:
  - New features:
    * Lua records
    * ixfrdist
    * a new LMDB backend
  - Important functional changes:
    * the default UDP response size limit has been changed from 1680 to 1232
    * the autoserial feature has been removed
- pdns-4.0.3_allow_dacoverride_in_capset.patch: refreshed
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 720228 from Adam Majer's avatar Adam Majer (adamm) (revision 63) 
- Update to 4.1.11:
  * update postgresql schema to address a possible denial of service
    by an authorized user by inserting a crafted record in a MASTER
    type zone under their control. (bsc#1142810, CVE-2019-10203)
  To fix the issue, run the following command against your PostgreSQL
  pdns database:
    ALTER TABLE domains ALTER notified_serial TYPE bigint
      USING CASE WHEN notified_serial >= 0
      THEN notified_serial::bigint END;
- spec file simplifications and cleanup

  * fixes a denial of service but when authorized user to cause
    the server to exit by inserting a crafted record in a MASTER
    type zone under their control. (bsc#1138582, CVE-2019-10162)
  * fixes a denial of service of slave server when an authorized
    master server sends large number of NOTIFY messages
    (bsc#1138582, CVE-2019-10163)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 686373 from Adam Majer's avatar Adam Majer (adamm) (revision 60) 
Bugzilla reference
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 646920 from Adam Majer's avatar Adam Majer (adamm) (revision 57) 
- Update to 4.1.5
  * Improvements
    - Apply alias scopemask after chasing
    - Release memory in case of error in the openssl ecdsa constructor
    - Switch to devtoolset 7 for el6
  * Bug Fixes
    - Crafted zone record can cause a denial of service
      (bsc#1114157, CVE-2018-10851)
    - Packet cache pollution via crafted query
      (bsc#1114169, CVE-2018-14626)
    - Fix compilation with libressl 2.7.0+
    - Actually truncate truncated responses
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 606956 from Adam Majer's avatar Adam Majer (adamm) (revision 54) 
- Update to 4.1.2
  - Improvements
    * API: increase serial after dnssec related updates
    * Auth: lower ‘packet too short’ loglevel
    * Make check-zone error on rows that have content but shouldn’t
    * Auth: avoid an isane amount of new backend connections during an axfr
    * Report unparseable data in stoul invalid_argument exception
    * Backport: recheck serial when axfr is done
    * Backport: add tcp support for alias
  - Bug Fixes
    * Auth: allocate new statements after reconnecting to postgresql
    * Auth-bindbackend: only compare ips in ismaster() (Kees Monshouwer)
    * Rather than crash, sheepishly report no file/linenum
    * Document undocumented config vars
    * Backport #6276 (auth 4.1.x): prevent cname + other data with dnsupdate
  - misc
    * Move includes around to avoid boost L conflict
    * Backport: update edns option code list
    * Auth: link dnspcap2protobuf against librt when needed
    * Fix a warning on botan >= 2.5.0
    * Auth 4.1.x: unbreak build
    * Dnsreplay: bail out on a too small outgoing buffer (CVE-2018-1046 bsc#1092540)

- add patch for upstream issue #6228
  https://patch-diff.githubusercontent.com/raw/PowerDNS/pdns/pull/6370.patch
Displaying revisions 21 - 40 of 92
openSUSE Build Service is sponsored by
Places