From owner-freebsd-ports-bugs@freebsd.org  Thu Jul  2 08:44:36 2020
Return-Path: <owner-freebsd-ports-bugs@freebsd.org>
Delivered-To: freebsd-ports-bugs@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id C2D8834DD41
 for <freebsd-ports-bugs@mailman.nyi.freebsd.org>;
 Thu,  2 Jul 2020 08:44:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 49yBVD4qbbz4W3c
 for <freebsd-ports-bugs@freebsd.org>; Thu,  2 Jul 2020 08:44:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.nyi.freebsd.org (Postfix)
 id A5B4A34DD40; Thu,  2 Jul 2020 08:44:36 +0000 (UTC)
Delivered-To: ports-bugs@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id A57C234DD3F
 for <ports-bugs@mailman.nyi.freebsd.org>; Thu,  2 Jul 2020 08:44:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 49yBVD3tBGz4VsT
 for <ports-bugs@FreeBSD.org>; Thu,  2 Jul 2020 08:44:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:1d])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6877117EB3
 for <ports-bugs@FreeBSD.org>; Thu,  2 Jul 2020 08:44:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 0628ia75001668
 for <ports-bugs@FreeBSD.org>; Thu, 2 Jul 2020 08:44:36 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 0628iana001667
 for ports-bugs@FreeBSD.org; Thu, 2 Jul 2020 08:44:36 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 247707] dns/powerdns-recursor: update to 4.3.2
Date: Thu, 02 Jul 2020 08:44:36 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: tremere@cainites.net
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
 attachments.created
Message-ID: <bug-247707-7788@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jul 2020 08:44:36 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D247707

            Bug ID: 247707
           Summary: dns/powerdns-recursor: update to 4.3.2
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: tremere@cainites.net

Created attachment 216129
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D216129&action=
=3Dedit
Update to PowerDNS Recursor 4.3.2

This update contains a security fix for CVE-2020-14196.

The issue is:

CVE-2020-14196: An issue has been found in PowerDNS Recursor where the ACL
applied to the internal web server via webserver-allow-from is not properly
enforced, allowing a remote attacker to send HTTP queries to the internal w=
eb
server, bypassing the restriction.

In the default configuration the API webserver is not enabled. Only
installations using a non-default value for webserver and webserver-address=
 are
affected.

As usual, there were also other smaller enhancements and bugfixes. In
particular, the 4.3.2 release contains fixes that allow long CNAME chains to
resolve properly, where previously they could fail if qname minimization is
enabled.

QA:
portlint: OK (looks fine.)
testport: OK (12.1, amd64)

Removed file(s):
files/patch-hostnamemax (no longer necessary since it has been merged by
upstream)

--=20
You are receiving this mail because:
You are the assignee for the bug.=