Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-12-SP4
patchinfo.17447
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.17447
<patchinfo incident="17447"> <category>security</category> <issue id="1176535" tracker="bnc"/> <issue id="1188495" tracker="bnc"/> <issue id="1197525" tracker="bnc"/> <issue id="2020-17482" tracker="cve" /> <issue id="2021-36754" tracker="cve" /> <issue id="2022-27227" tracker="cve" /> <rating>moderate</rating> <packager>adamm</packager> <summary>Security update for pdns</summary> <description> This update for pdns brings the following changes: Update to 4.6.1: * fixes incomplete validation of incoming IXFR transfer for secondary zones for which IXFR transfers have been enabled and the network path to the primary server is not trusted. Note that IXFR transfers are not enabled by default. (CVE-2022-27227, bsc#1197525) Update to 4.6.0: * New Features - support for incoming PROXY headers - support for EDNS cookies - autoprimary management via pdnsutil and the API * Improvements - add zone removal to the zone cache (Kees Monshouwer) - docker images: Remove capability requirements * Bug Fixes - pdnsutil edit-zone: fix n and e behaviour on increase-serial prompt - lmdb: check if the lookup name is part of the zone (Kees Monshouwer) - lmdb: fix records removal in deleteDomain(); improve tcp exception handling Update to 4.5.3: * Improvements - 2136: improve some log messages * Bug Fixes - lmdb, check if the lookup name is part of the zone - pdnsutil edit-zone: fix n and e behaviour on increase-serial prompt - improve tcp exception handling - lmdb: fix records removal in deleteDomain() - 2136: apply new TTL to whole RRset, not only to the added record Update to 4.5.2 with bug fixes: * bindbackend: skip rejected zones during list and search PR#10968 * make the zone cache more robust for bad data and save some SOA queries for DNSSEC zones PR#10964 * api, check SOA location PR#10962 * improve dnsname exception handling for SOA records PR#10952 * improve SOA parse exception handling PR#10792 * try to reload rejected zones in bind-backend once every bind-check-interval PR#10778 Update to 4.5.1 * Fixes a remote DoS when server receives query with QTYPE 65535 (bsc#1188495, CVE-2021-36754) Update to 4.5.0 * With version 4.5.0, support for platforms with a time_t type smaller than 64 bits is dropped. * The ‘zone cache’, which allows PowerDNS to keep a list of zones in memory, updated periodically. * Priority ordering in the AXFR queue in PowerDNS running as a secondary. * Small improvements and fixes. Update to 4.4.1 * Improvements - debian packaging update #9965 - dockerfiles: do not claim equivs-dummy is built from the pdns source package #9953 - Fix missing #include for gcc-11#9952 - lmdb: Do a mdb_readers_check to clean up stale readers on database load #9946 * Bug Fixes - fix TCP answer counters #10008 - run deleteDomain() inside a transaction #10039 - lmdb: do not reuse backend that has seen corrupted data #9985 - lmdb: serialise LMDBBackend construction to ensure only a single schema upgrade is attempted #9949 - backport some asan/ubsan fixes #9923 - pdnsutil edit-zone: do not exit on ZoneParser exception #9912 Update to 4.4.0 * the LMDB backend now supports long record content, making it production ready for everybody * the SVCB and HTTPS record types are supported, with limited additional processing * transaction handling in the 2136 handler and the HTTP API was again improved a lot, avoiding various spurious issues users may have noticed if they do a lot of changes * a new setting (consistent-backends) offers a roughly 30% speedup, subject to conditions * we finally emit Prometheus metrics! - Drop GSS-TSIG support in the spec file as it's a removed from the upcoming 4.4.0 version due to security issues and lack of testing https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-06.html Update to 4.3.1 especially a security fix for PowerDNS Security Advisory 2020-05 (CVE-2020-17482, bsc#1176535) Other improvements and bug fixes include, * gpgsql: Reintroduce prepared statements * Handle the extra single-row result set of MySQL stored procedures For details, see https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1 Update to 4.3.0: A lot of internals have been reworked, with some visible changes for users. If you read the upgrade notes for a beta or RC, please read them again! A notable new feature in 4.3 is support for hiding DNSSEC keys, which makes it possible to do algorithm rollovers. This feature was contributed by Robin Geuze of TransIP, thanks! Another interesting new feature is support for automatically publishing CDS/CDNSKEY records with a single pdns.conf setting. Please note that 4.3.0 comes with a mandatory database schema upgrade. https://doc.powerdns.com/authoritative/upgrading.html#x-to-4-3-0 Update to 4.2.1: New features * Add SLAVE-RENOTIFY zone metadata support * Add configurable timeout for inbound * for gmysql backend, add an option to send the SSL capability flag Improvements * Register a few known RR types * bindbackend: use metadata for also-notifies as well * pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH, bump as if it is EPOCH * API: optionally do not return dnssec info in domain list Bug Fixes * LUA view: do not crash on empty IP list * API: Accept headers without spaces * Avoid database state-related SERVFAILs after a LUA error * Fix broken edit-zone and other features with the LMDB backend * rfc2136, pdnsutil: somewhat improve duplicate record handling Update to 4.2.0: - New features: * Lua records * ixfrdist * a new LMDB backend - Important functional changes: * the default UDP response size limit has been changed from 1680 to 1232 * the autoserial feature has been removed Update to 4.1.13: * #8157: gpgsqlbackend: add missing schema file to Makefile * #8162: stop using select() in places where FDs can be >1023 </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor