Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 23 Oct 2018 22:40:17 +0000 (UTC)
From:      Matthias Andree <mandree@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r482875 - in branches/2018Q4/dns/dnsmasq: . files
Message-ID:  <201810232240.w9NMeHG6013174@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: mandree
Date: Tue Oct 23 22:40:16 2018
New Revision: 482875
URL: https://svnweb.freebsd.org/changeset/ports/482875

Log:
  MFH: r482439
  
  Upgrade dns/dnsmasq to v2.80.
  
  Security: the installed example configuration file shows a way of
  disabling WPAD hijacking, but leaves it commented out. Extend pkg-message.
  
  Changelog: 	<http://thekelleys.org.uk/dnsmasq/CHANGELOG>;
  
  Since installing v2.80 isn't a fix against the vulnerability, and fixing
  it needs administrator intervention on upgrades, I am not marking this in
  vuxml for now, since we'd need to mark v2.80 vulnerable, too.
  
  Security:	CERT VU#598349
  
  Approved by:	ports-secteam@ (miwi@)

Modified:
  branches/2018Q4/dns/dnsmasq/Makefile
  branches/2018Q4/dns/dnsmasq/distinfo
  branches/2018Q4/dns/dnsmasq/files/pkg-message.in
Directory Properties:
  branches/2018Q4/   (props changed)

Modified: branches/2018Q4/dns/dnsmasq/Makefile
==============================================================================
--- branches/2018Q4/dns/dnsmasq/Makefile	Tue Oct 23 22:32:09 2018	(r482874)
+++ branches/2018Q4/dns/dnsmasq/Makefile	Tue Oct 23 22:40:16 2018	(r482875)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	dnsmasq
-DISTVERSION=	2.79
+DISTVERSION=	2.80
 PORTREVISION=	0	# leave this in even if 0 to avoid PORTEPOCH bumps
 PORTEPOCH=	1
 CATEGORIES=	dns ipv6
@@ -32,7 +32,7 @@ OPTIONS_RADIO_INTL=	IDN NLS
 INTL_DESC=	Internationalization Support Level
 NLS_DESC=	IDN+NLS: Int'l Domain Names & National Language support
 IDN_DESC=	IDN: Int'l Domain Names WITHOUT full NLS
-IPSET_DESC=	Dynamic firewall managment of resolved names (needs PF)
+IPSET_DESC=	Dynamic firewall management of resolved names (needs PF)
 LUA_DESC=	Support lease-change scripts written in Lua
 DNSSEC_DESC=	Enable DNSSEC caching and validation
 USES=		cpe shebangfix tar:xz
@@ -92,7 +92,7 @@ USE_RC_SUBR=	dnsmasq
 LDFLAGS+=	-L${LOCALBASE}/lib ${_intllibs} ${ICONV_LIB}
 
 post-patch:
-	${REINPLACE_CMD} -e "s/lua5\.1/lua-${LUA_VER}/" ${WRKSRC}/Makefile
+	${REINPLACE_CMD} -e 's/lua5\.1/lua-${LUA_VER}/' ${WRKSRC}/Makefile
 
 pre-configure: pretty-print-config
 .if ${PORT_OPTIONS:MIDN}

Modified: branches/2018Q4/dns/dnsmasq/distinfo
==============================================================================
--- branches/2018Q4/dns/dnsmasq/distinfo	Tue Oct 23 22:32:09 2018	(r482874)
+++ branches/2018Q4/dns/dnsmasq/distinfo	Tue Oct 23 22:40:16 2018	(r482875)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1521491408
-SHA256 (dnsmasq-2.79.tar.xz) = 78ad74f5ca14fd85a8bac93f764cd9d60b27579e90eabd3687ca7b030e67861f
-SIZE (dnsmasq-2.79.tar.xz) = 493036
+TIMESTAMP = 1539932660
+SHA256 (dnsmasq-2.80.tar.xz) = cdaba2785e92665cf090646cba6f94812760b9d7d8c8d0cfb07ac819377a63bb
+SIZE (dnsmasq-2.80.tar.xz) = 501072

Modified: branches/2018Q4/dns/dnsmasq/files/pkg-message.in
==============================================================================
--- branches/2018Q4/dns/dnsmasq/files/pkg-message.in	Tue Oct 23 22:32:09 2018	(r482874)
+++ branches/2018Q4/dns/dnsmasq/files/pkg-message.in	Tue Oct 23 22:40:16 2018	(r482875)
@@ -5,3 +5,10 @@
 *** Further options and actions are documented inside
 *** %%PREFIX%%/etc/rc.d/dnsmasq
 
+*** SECURITY RECOMMENDATION
+*** ~~~~~~~~~~~~~~~~~~~~~~~
+*** It is recommended to enable the wpad-related options
+*** at the end of the configuration file (you may need to
+*** copy them from the example file to yours) to fix
+*** CERT Vulnerability VU#598349.
+



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201810232240.w9NMeHG6013174>