File pdns-recursor.changes of Package pdns-recursor
-------------------------------------------------------------------
Wed Apr 28 09:53:33 UTC 2010 - mrueckert@suse.de
- create /var/run/pdns directory in the init script and package it
as ghost.
-------------------------------------------------------------------
Fri Mar 12 12:01:31 UTC 2010 - mrueckert@suse.de
- update to version 3.2
The 3.2 release is the first major release of the PowerDNS
Recursor in a long time. Partly this is because 3.1.7.*
functioned very well, and delivered satisfying performance,
partly this is because in order to really move forward, some
heavy lifting had to be done.
This version of the PowerDNS Recursor contains a rather novel
form of lock-free multithreading, a situation that comes close to
the old '--fork' trick, but allows the Recursor to fully utilize
multiple CPUs, while delivering unified statistics and
operational control.
In effect, this delivers the best of both worlds: near linear
scaling, with almost no administrative overhead.
http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-2
- patches dropped:
pdns-recursor-3.1.7.1_atomicity.patch
pdns-recursor-3.1.7.1_lua.patch
- patches refreshed for the update:
old name: pdns-recursor-3.1.7.1-strip.patch
new name: pdns-recursor-3.2rc1-strip.patch
old name: pdns-recursor-3.1.7.2_config.patch
new name: pdns-recursor-3.2_config.patch
-------------------------------------------------------------------
Fri Jan 8 04:33:27 UTC 2010 - mrueckert@suse.de
- update to version 3.1.7.2
This release consist of a number of vital security updates. These
updates address issues that can in all likelihood lead to a full
system compromise. In addition, it is possible for third parties
to pollute your cache with dangerous data, exposing your users to
possible harm.
http://rtfm.powerdns.com/powerdns-advisory-2010-01.html
http://rtfm.powerdns.com/powerdns-advisory-2010-02.html
CVE-2009-4009
-------------------------------------------------------------------
Wed Nov 11 17:34:48 CET 2009 - mrueckert@suse.de
- update to version 3.1.7.1
This release consists entirely of fixes for tiny bugs that have
been reported over the past year. In addition, compatibility has
been restored with the latest versions of the gcc compiler and
the 'boost' libraries.
No features have been added, but some debugging code that very
slightly impacted performance (and polluted the console when
operating in the foreground) has been removed.
- Improved error messages when parsing zones for authoritative
serving (commit 1235).
- Better resilience against whitespace in configuration
(changesets 1237, 1240, 1242)
- Slight performance increase (commit 1378)
- Fix rare case where timeouts were not being reported to the
right query-thread (commit 1260)
- Fix compilation against newer versions of the Boost C++
libraries (commit 1381)
- Close very rare issue with TCP/IP close reporting ECONNRESET on
FreeBSD. Reported by Andrei Poelov in ticket 192.
- Silence debugging output (commit 1286).
- Fix compilation against newer versions of gcc (commit 1384)
- No longer set export-etc-hosts to 'on' on reload-zones.
Discovered by Paul Cairney, closes ticket 225.
- Sane default for the maximum cache size in the Recursor,
suggested by Roel van der Made (commit 1354).
- No longer exit because of the changed behaviour of the Solaris
'completion ports' in more recent versions of Solaris. Fix in
commit 1372, reported by Jan Gyselinck
- update to version 3.1.7
This version contains powerful scripting abilities, allowing
operators to modify DNS responses in many interesting ways. Among
other things, these abilities can be used to filter out malware
domains, to perform load balancing, to comply with legal and
other requirements and finally, to implement 'NXDOMAIN'
redirection.
It is hoped that the addition of Lua scripting will enable
responsible DNS modification for those that need it.
For more details about the Lua scripting, which can be modified,
loaded and unloaded at runtime, see Section 12.6. Many thanks are
due to the #lua irc channel, for excellent near-realtime Lua
support. In addition, a number of PowerDNS users have been
enthousiastically testing prereleases of the scripting support,
and have found and solved many issues.
- In 3.1.5 and 3.1.6, an authoritative server could continue to
renew its authority, even though a domain had been delegated to
other servers in the meantime.
- In the rare cases where this happened, and the old servers were
not shut down, the observed effect is that users were fed
outdated data.
- Bug spotted and analysed by Darren Gamble, fix in commit 1182
and commit 1183.
- Thanks to long time PowerDNS contributor Stefan Arentz, for the
first time, Mac OS X 10.5 users can compile and run the
PowerDNS Recursor! Patch in commit 1185.
- Sten Spans spotted that for outgoing TCP/IP queries, the
query-local-address setting was not honored. Fixed in commit
1190.
- rec_control wipe-cache now also wipes domains from the negative
cache, hurrying up the expiry of negatively cached records.
Suggested by Simon Kirby, implemented in commit 1204.
- When a forwarder server is configured for a domain, using the
forward-zones setting, this server IP address was filtered
using the dont-query setting, which is generally not what is
desired: the server to which queries are forwarded will often
live in private IP space, and the operator should be trusted to
know what he is doing. Reported and argued by Simon Kirby, fix
in commit 1211.
- Marcus Rueckert of OpenSUSE reported that very recent gcc
versions emitted a (correct) warning on an overly complicated
line in syncres.cc, fixed in commit 1189.
- Stefan Schmidt discovered that the netmask matching code, used
by the new Lua scripts, but also by all other parts of
PowerDNS, had problems with explicit '/32' matches. Fixed in
commit 1205.
- added pdns-recursor-3.1.7.1_lua.patch
fix linking with lua
- dropping patches included upstream:
pdns-recursor-3.1.4_char_casting.patch
pdns-recursor-3.1.4_r965.patch
pdns-recursor-3.1.4_gcc43.patch
- refreshed patches:
old: pdns-recursor-3.1.3-strip.patch
new: pdns-recursor-3.1.7.1-strip.patch
old: pdns-recursor-3.1.4_atomicity.patch
new: pdns-recursor-3.1.7.1_atomicity.patch
old: pdns-recursor-3.1.4_config.patch
new: pdns-recursor-3.1.7.1_config.patch
-------------------------------------------------------------------
Tue Jun 9 15:40:32 CEST 2009 - coolo@novell.com
- fix build with gcc 4.4
-------------------------------------------------------------------
Thu Nov 20 15:48:47 CET 2008 - mrueckert@suse.de
- fix typo in pdns-recursor-3.1.5_config.patch: (bnc#446608)
pdns_recursor was looking for the config file in the wrong path
- added pdns-recursor-3.1.7_lua.patch:
use pkg-config to find the CFLAGS/LIBS for the lua support
-------------------------------------------------------------------
Thu Nov 6 15:59:34 CET 2008 - mrueckert@suse.de
- added pdns-recursor-3.1.7_new_boost_exceptions.patch:
clearify the referenced exception class
-------------------------------------------------------------------
Mon Sep 8 15:17:27 CEST 2008 - anosek@suse.cz
- updated to version 3.1.7
* this version contains powerful scripting abilities, allowing
operators to modify DNS responses in many interesting ways.
Among other things, these abilities can be used to filter out
malware domains, to perform load balancing, to comply with legal
and other requirements and finally, to implement 'NXDOMAIN'
redirection.
* number of bugfixes
- dropped obsoleted patches:
(svn_fixes.patch) (make_it_compile.patch)
-------------------------------------------------------------------
Tue May 20 15:18:16 CEST 2008 - mrueckert@suse.de
- backport the fixes from 3.1.6
- The new high-quality random generator was not used for all
random numbers, especially in source port selection.
(bnc#375400)
- fix issue resolving popular domains where one of the
nameservers is suffering from a timeout.
- added pdns-recursor-3.1.6_make_it_compile.patch:
missing <limits> include broke build
- added pdns-recursor-3.1.6_parentheses_warning.patch:
fix small warning about missing parentheses (disabled for now)
-------------------------------------------------------------------
Wed Apr 2 11:50:30 CEST 2008 - anosek@suse.cz
- updated to version 3.1.5
New features:
* Implemented rec_control command get uptime
* The Recursor Authorative component, meant for having
the Recursor serve some zones authoritatively, now supports
$INCLUDE and $GENERATE.
* Implemented forward-zones-file option in order to support
larger amounts of zones which should be forwarded
to another nameserver.
* Both forward-zones and forward-zones-file can now specify
multiple forwarders per domain.
* Sten Spans contributed allow-from-file. This feature allows
the Recursor to read access rules from a (large) file.
Several improvements and bugfixes as well
- fixes VUL-0: pdns DNS spoofing vulnerability (bnc#375400)
- dropped patches applied by upstream:
(char_casting.patch), (r965.patch), (gcc43.patch)
-------------------------------------------------------------------
Sun Oct 28 19:58:38 CET 2007 - mrueckert@suse.de
- added pdns-recursor-3.1.4_gcc43.patch:
fix all warnings in pdns-recursor. (patch is upstream)
-------------------------------------------------------------------
Wed Jul 25 00:23:32 CEST 2007 - mrueckert@suse.de
- added pdns-recursor-3.1.4_r965.patch:
fix building on 10.0
-------------------------------------------------------------------
Wed Feb 28 13:33:08 CET 2007 - mrueckert@suse.de
- added pdns-recursor-3.1.4_atomicity.patch:
The optimized code in recursor_cache.cc is included in gcc 4.2.
Proper #if to use it only with older gcc.
- added pdns-recursor-3.1.4_char_casting.patch
Don't cast string constants to char*.
-------------------------------------------------------------------
Tue Nov 14 13:40:12 CET 2006 - mrueckert@suse.de
- update to version 3.1.4
This release contains two important security fixes, which should also solve
the very rare reports of stability problems. Additionally, a new class of
misconfigured domains will now always be resolved correctly, instead of
intermittently.
- removed patches applied upstream:
pdns-recursor-3.1.3_2006-02.patch
pdns-recursor-3.1.3_cve-2006-4251.patch
pdns-recursor-3.1.3_implicit_declarations.patch
-------------------------------------------------------------------
Mon Nov 13 16:11:47 CET 2006 - mrueckert@suse.de
- added pdns-recursor-3.1.3_2006-02.patch:
fix an endless recursion in CNAME handling [#219355]
-------------------------------------------------------------------
Sat Nov 11 22:52:52 CET 2006 - mrueckert@suse.de
- added pdns-recursor-3.1.3_cve-2006-4251.patch:
fix a stack corruption with malformed packages [#219355]
- added pdns-recursor-3.1.3_implicit_declarations.patch:
fix an implicit declaration warning from gcc
http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/920
-------------------------------------------------------------------
Mon Nov 6 19:58:30 CET 2006 - schwab@suse.de
- Don't strip binaries.
-------------------------------------------------------------------
Mon Oct 23 18:08:19 CEST 2006 - mrueckert@suse.de
- initial package of version 3.1.3
