Revisions of pdns-recursor
buildservice-autocommit
accepted
request 841527
from
Adam Majer (adamm)
(revision 150)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 149)
- 9070.patch: refreshed, looks like only partially upstreamed
Adam Majer (adamm)
committed
(revision 148)
Adam Majer (adamm)
committed
(revision 147)
- update to 4.3.5: * fixes cache pollution related to DNSSEC validation. (CVE-2020-25829, bsc#1177383) * now raise an exception on invalid content in unknown records * fixes the parsing of dont-throttle-netmasks in the presence of dont-throttle-names - 9070.patch: upstreamed and removed
buildservice-autocommit
accepted
request 833218
from
Adam Majer (adamm)
(revision 146)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 145)
- 9070.patch: backport compilation fix vs. latest Boost 1.74 based on https://github.com/PowerDNS/pdns/pull/9070
Adam Majer (adamm)
accepted
request 832972
from
Michael Ströder (stroeder)
(revision 144)
Update to 4.3.4 Note: Currently building package pdns-recursor fails to build on Tumbleweed/Factory because of a incompability with Boost >= 1.73. Nevertheless we should get 4.3.4 prepared and fix Tumbleweed/Factory builds with a back-port patch provided by upstream really soon. See also: https://mailman.powerdns.com/pipermail/pdns-users/2020-September/026825.html Possible upstream fix: https://github.com/PowerDNS/pdns/pull/9070
buildservice-autocommit
accepted
request 821852
from
Adam Majer (adamm)
(revision 143)
baserev update by copy to link target
Adam Majer (adamm)
accepted
request 821505
from
Michael Ströder (stroeder)
(revision 142)
- update to 4.3.3 * Validate cached DNSKEYs against the DSs, not the RRSIGs only. * Ignore cache-only for DNSKEYs and DS retrieval. * A ServFail while retrieving DS/DNSKEY records is just that. * Refuse DS records received from child zones. * Better exception handling in houseKeeping/handlePolicyHit. * Take initial refresh time from loaded zone.
buildservice-autocommit
accepted
request 818168
from
Adam Majer (adamm)
(revision 141)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 140)
Adam Majer (adamm)
committed
(revision 139)
- update to 4.3.2 * Fixes a access restriction bypass vulnerability where ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction. (CVE-2020-14196, bsc#1173302) * improves CNAME loop detection * Fix the handling of DS queries for the root * Fix RPZ removals when an update has several deltas
buildservice-autocommit
accepted
request 807216
from
Adam Majer (adamm)
(revision 138)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 137)
- update to 4.3.1 * fixes an issue where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated (CVE-2020-12244, bsc#1171553) * fixes an issue where invalid hostname on the server can result in disclosure of invalid memory (CVE-2020-10030, bsc#1171553) * fixes an issue in the DNS protocol has been found that allows malicious parties to use recursive DNS services to attack third party authoritative name servers (CVE-2020-10995, bsc#1171553)
buildservice-autocommit
accepted
request 782531
from
Adam Majer (adamm)
(revision 136)
baserev update by copy to link target
Adam Majer (adamm)
accepted
request 782525
from
Wolfgang Rosenauer (wrosenauer)
(revision 135)
The service did not even start up w/o these changes - fixed configuration to make the service start https://docs.powerdns.com/recursor/upgrade.html#x-to-4-3-0-or-master
buildservice-autocommit
accepted
request 781144
from
Adam Majer (adamm)
(revision 134)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 133)
- update to 4.3.0: * A relaxed form of QName Minimization as described in rfc7816bis-01. This feature is enabled by default * Dnstap support for outgoing queries to authoritative servers and the corresponding replies. * The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order. * Newly Observed Domain (NOD) functionality * For details see https://blog.powerdns.com/2020/03/03/powerdns-recursor-4-3-0-released/
buildservice-autocommit
accepted
request 755197
from
Adam Majer (adamm)
(revision 132)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 131)
- update to 4.2.1: * Add deviceName field to protobuf messages * Purge map of failed auths periodically by keeping last changed timestamp. * Prime NS records of root-servers.net parent (.net) * Issue with “zz” abbreviation for IPv6 RPZ triggers * Basic validation of $GENERATE parameters * Fix inverse handler registration logic for SNMP
Displaying revisions 61 - 80 of 210