Overview Repositories Revisions Requests Users Attributes Meta

Revisions of pdns-recursor

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1221286 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 69) 
- update to 5.1.2 (boo#1231292 CVE-2024-25590)
  https://doc.powerdns.com/recursor/changelog/5.1.html#change-5.1.2
- drop powerdns-5_1_1-2_fix-build-with-boost-1_86_0.patch included
  in update
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1204908 from Adam Majer's avatar Adam Majer (adamm) (revision 68) 
- update to 5.1.1
  https://doc.powerdns.com/recursor/changelog/5.1.html#change-5.1.1
  https://doc.powerdns.com/recursor/changelog/5.0.html#change-5.0.8
- add powerdns-5_1_1-2_fix-build-with-boost-1_86_0.patch from arch
  linux to fix building with boost 1.86
- refreshed cargo_build_fix.patch
- track series file for easier patching
- no more conf.dist file. I think we should switch the default
  config in the package to the yaml format maybe
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1170013 from Adam Majer's avatar Adam Majer (adamm) (revision 66) 
- update to 5.0.4:
  * fixes a case when a crafted responses can lead to a denial of
    service in Recursor if recursive forwarding is configured
    (bsc#1223262, CVE-2024-25583)
- changes in 5.0.3
  * Log if a DNSSEC related limit was hit if log_bogus is set
  * Reduce RPZ memory usage by not keeping the initially loaded
    RPZs in memory
  * Fix the zoneToCache regression introduced by 5.0.2 security
    update
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1146434 from Adam Majer's avatar Adam Majer (adamm) (revision 65) 
- update to 5.0.2
  * fixes crafted DNSSEC records in a zone can lead to a denial
    of service in Recursor
  https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
  (bsc#1219823, bsc#1219826, CVE-2023-50387, CVE-2023-50868)

- update to 5.0.1
  https://doc.powerdns.com/recursor/changelog/5.0.html#change-5.0.1
  For upgrade from 4.9.x, see
  https://doc.powerdns.com/recursor/upgrade.html#to-5-0-0-and-master
- cargo_build_fix.patch: add cargo_build parameters to Makefile...
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1108433 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 64) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1077167 from Adam Majer's avatar Adam Majer (adamm) (revision 63) 
- update to 4.8.4
  * Deterred spoofing attempts can lead to authoritative servers
    being marked unavailable (bsc#1209897, CVE-2023-26437)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1069900 from Adam Majer's avatar Adam Majer (adamm) (revision 62) 
- update to 4.8.3
  * Fix serve-stale logic to not cause intermittent high CPU load by:
    + correcting the removal of a negative cache entry,
    + correcting the serve-stale main loop regarding exception handling,
    + correctly handle negcache entries with serve-state status.
- changes in version 4.8.2
  * Make cache cleaning of record an negative cache more fair
  * Do not report “not decreasing socket buf size” as an error
  * Do not use “message” as key, it has a special meaning to systemd-journal
  * Add the ‘parse packet from auth’ error message to structured logging
  * Refresh of negcache stale entry might use wrong qtype
  * Do not chain ECS enabled queries
  * Properly encode json string containing binary data
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1059961 from Adam Majer's avatar Adam Majer (adamm) (revision 61) 
- update to 4.8.1
  * Avoid unbounded recursion when retrieving DS records from some
    misconfigured domains. (bsc#1207342, CVE-2023-22617)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1042523 from Adam Majer's avatar Adam Majer (adamm) (revision 60) 
- update to 4.8.0 with these major changes:
  * Structured Logging has been implemented for almost all
    subsystems.
  * Optional Serve Stale functionality has been implemented,
    providing resilience against connectivity problems towards
    authoritative servers.
  * Optional Record Locking has been implemented, providing an extra
    layer of protection against spoofing attempts at the price of
    reduced cache efficiency.
  * Internal tables used to track information about authoritative
    servers are now shared instead of per-thread, resulting in
    better performance and lower memory usage.
  * EDNS padding of outgoing DoT queries has been implemented,
    providing better privacy protection.
  * Metrics have been added about the protobuf and dnstap logging
    subsystems and the rcodes received from authoritative
    servers.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1040841 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 59) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1000494 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 57) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 998985 from Adam Majer's avatar Adam Majer (adamm) (revision 56) 
- update to 4.7.2
  * incomplete exception handling related to protobuf message generation.
    (CVE-2022-37428, bsc#1202664)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 987946 from Adam Majer's avatar Adam Majer (adamm) (revision 55) 
- update to 4.7.1
  * Improvements
    - Allow generic format while parsing zone files for ZoneToCache.
      References: #11724, #11726, pull request 11750
    - Force gzip compression for debian packages (Zash). #11735, PR#11740
  * Bug Fixes
    - Run tasks from housekeeping thread in the proper way, causing queued 
      DoT probes to run more promptly. #11692, PR#11748
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 965587 from Adam Majer's avatar Adam Majer (adamm) (revision 52) 
- fix building against sle-12 backports with gcc-9
- remove obsolete BR on protobuf
- add bundled information to the spec file
- boost_context.patch: Boost.Context detection fix on SLE12
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 964870 from Adam Majer's avatar Adam Majer (adamm) (revision 51) 
- update to 4.6.1
  fixes incomplete validation of incoming IXFR transfer in
  the Recursor. It applies to setups retrieving one or more RPZ
  zones from a remote server if the network path to the server
  is not trusted. (bsc#1197525, CVE-2022-27227)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 942366 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 50) 
Automatic submission by obs-autosubmit
Displaying revisions 1 - 20 of 69
openSUSE Build Service is sponsored by
Places