svn commit: r459742 - head/dns/powerdns-recursor

Tue Jan 23 11:04:08 UTC 2018

Author: krion
Date: Tue Jan 23 11:04:06 2018
New Revision: 459742
URL: https://svnweb.freebsd.org/changeset/ports/459742

Log:
  Update to version 4.1.1
  
  - Fixes "PowerDNS Security Advisory 2018-01: Insufficient validation
    of DNSSEC signatures". An issue has been found in the DNSSEC
    validation component of PowerDNS Recursor, allowing an ancestor
    delegation NSEC or NSEC3 record to be used to wrongfully prove the
    non-existence of a RR below the owner name of that record. This
    would allow an attacker in position of man-in-the-middle to send a
    NXDOMAIN answer for a name that does exist.
    The 4.0.x branch is not vulnerable.
  
  - Add support for algo16 and simplify Lua/LuaJIT engine choice.
  
  PR:		225397
  Submitted by:	maintainer
  Security:	CVE-2018-1000003

Modified:
  head/dns/powerdns-recursor/Makefile
  head/dns/powerdns-recursor/distinfo

Modified: head/dns/powerdns-recursor/Makefile
==============================================================================

--- head/dns/powerdns-recursor/Makefile	Tue Jan 23 10:51:59 2018	(r459741)
+++ head/dns/powerdns-recursor/Makefile	Tue Jan 23 11:04:06 2018	(r459742)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	recursor
-DISTVERSION=	4.1.0
-PORTREVISION=	3
+DISTVERSION=	4.1.1
 CATEGORIES=	dns ipv6
 MASTER_SITES=	http://downloads.powerdns.com/releases/
 PKGNAMEPREFIX=	powerdns-
@@ -35,30 +34,22 @@ CPE_VENDOR=	powerdns
 
 USE_RC_SUBR=	pdns-recursor
 
-OPTIONS_DEFINE=	OPTALGO SETUID
-OPTIONS_DEFAULT=	LUA SETUID
-OPTIONS_RADIO=	LUA_RG
-OPTIONS_RADIO_LUA_RG=	LUA LUAJIT
-LUAJIT_DESC=		Enable LuaJIT
-LUA_RG_DESC=		Lua Engine
-OPTALGO_DESC=		Enable optional algorithms (12, 15 & 16)
-SETUID_DESC=		Run as pdns_recursor user
-
-LUA_CONFIGURE_WITH=	lua
-LUA_USES=		lua
-
+OPTIONS_DEFINE=		LUAJIT OPTALGO SETUID
+OPTIONS_DEFAULT=	SETUID
 LUAJIT_CONFIGURE_WITH=	luajit
+LUAJIT_DESC=		Use LuaJIT instead of Lua
 LUAJIT_LIB_DEPENDS=	libluajit-5.1.so.2:lang/luajit
-
+LUAJIT_USES_OFF=	lua
 OPTALGO_CONFIGURE_ON=	--enable-botan \
 			--enable-libdecaf \
 			--enable-libsodium
+OPTALGO_DESC=		Enable optional algorithms (12, 15 & 16)
 OPTALGO_LIB_DEPENDS=	libbotan-2.so:security/botan2 \
 			libdecaf.so:security/libdecaf \
 			libsodium.so:security/libsodium
-
-SETUID_VARS=	USERS=pdns_recursor GROUPS=pdns
+SETUID_DESC=		Run as pdns_recursor user
 SETUID_EXTRA_PATCHES=	${PATCHDIR}/extrapatch-setuid
+SETUID_VARS=		USERS=pdns_recursor GROUPS=pdns
 
 SUB_FILES=	pkg-message
 

Modified: head/dns/powerdns-recursor/distinfo
==============================================================================
--- head/dns/powerdns-recursor/distinfo	Tue Jan 23 10:51:59 2018	(r459741)
+++ head/dns/powerdns-recursor/distinfo	Tue Jan 23 11:04:06 2018	(r459742)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1512394122
-SHA256 (pdns-recursor-4.1.0.tar.bz2) = 880b9d4cc57e2b11cae5bff9b20571fb3466f4385c010d06764296fef44f60a3
-SIZE (pdns-recursor-4.1.0.tar.bz2) = 1222751
+TIMESTAMP = 1516634099
+SHA256 (pdns-recursor-4.1.1.tar.bz2) = 8feb03c7141997775cb52c131579e8e34c9896ea8bb77276328f5f6cc4e1396b
+SIZE (pdns-recursor-4.1.1.tar.bz2) = 1224544
