summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Raspbian automatic forward porter [Sun, 30 Jun 2024 11:57:39 +0000 (12:57 +0100)]
Merge version 4.1.11-1+rpi1+deb10u1 and 4.1.11-1+deb10u2 to produce 4.1.11-1+rpi1+deb10u2
Daniel Leidert [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
Merge pdns-recursor (4.1.11-1+deb10u2) import into refs/heads/workingbranch
Otto Moerbeek [Mon, 12 Oct 2020 08:08:08 +0000 (10:08 +0200)]
Backport of CVE-2020-25829 (any-cache-update) to 4.1.x
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5,
and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a
given name to be updated to the Bogus DNSSEC validation state, instead of their
actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of
service for installation that always validate (dnssec=validate), and for
clients requesting validation when on-demand validation is enabled
(dnssec=process).
Origin: https://github.com/PowerDNS/pdns/commit/
77409aab0be43071b365760213894d6388c3df30.patch
Bug: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html
Bug-Debian: https://bugs.debian.org/972159
Reviewed-by: Daniel Leidert <dleidert@debian.org>
Gbp-Pq: Name CVE-2020-25829.patch
Otto Moerbeek [Tue, 30 Jun 2020 11:46:54 +0000 (13:46 +0200)]
Backport of acl check to 4.1.x
An issue has been found in PowerDNS Recursor where the ACL applied to the
internal web server via `webserver-allow-from` is not properly enforced,
allowing a remote attacker to send HTTP queries to the internal web server,
bypassing the restriction.
Note that the web server is not enabled by default. Only installations using a
non-default value for `webserver` and `webserver-address` are affected.
Workarounds are: disable the webserver or set a password or an API key.
Additionally, restrict the binding address using the `webserver-address`
setting to local addresses only and/or use a firewall to disallow web requests
from untrusted sources reaching the webserver listening address.
Bug: https://www.openwall.com/lists/oss-security/2020/07/01/1
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964103
Origin: https://github.com/PowerDNS/pdns/commit/
e81271189216dbf2850c6d4461dfc3f37c731ac8.patch
Reviewed-by: Daniel Leidert <dleidert@debian.org>
Gbp-Pq: Name CVE-2020-14196.patch
pdns-recursor packagers [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
ns-ampl-4.1.15
===================================================================
Gbp-Pq: Name ns-ampl-4.1.15.diff
pdns-recursor packagers [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
hostname-4.1.15
===================================================================
Gbp-Pq: Name hostname-4.1.15.diff
pdns-recursor packagers [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
bogus-empty-nxd-4.1.15
===================================================================
Gbp-Pq: Name bogus-empty-nxd-4.1.15.diff
pdns-recursor packagers [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
stack-size
Gbp-Pq: Name stack-size
pdns-recursor packagers [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
testrunner-log-verbosity
===================================================================
Gbp-Pq: Name testrunner-log-verbosity
Daniel Leidert [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
pdns-recursor (4.1.11-1+deb10u2) buster; urgency=medium
* Non-maintainer upload by the Debian LTS Team.
* debian/patches/CVE-2020-14196.patch: Added (CVE-2020-14196).
- Add patch to enforce 'webserver-allow-from' ACL (closes: #964103).
* debian/patches/CVE-2020-25829.patch: Added (CVE-2020-25829).
- Add patch to fix DoS (closes: #972159).
[dgit import unpatched pdns-recursor 4.1.11-1+deb10u2]
Daniel Leidert [Mon, 18 Mar 2024 22:34:27 +0000 (23:34 +0100)]
Import pdns-recursor_4.1.11-1+deb10u2.debian.tar.xz
[dgit import tarball pdns-recursor 4.1.11-1+deb10u2 pdns-recursor_4.1.11-1+deb10u2.debian.tar.xz]
Raspbian automatic forward porter [Sat, 23 May 2020 08:57:25 +0000 (09:57 +0100)]
Merge version 4.1.11-1+rpi1 and 4.1.11-1+deb10u1 to produce 4.1.11-1+rpi1+deb10u1
Chris Hofstaedtler [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
Merge pdns-recursor (4.1.11-1+deb10u1) import into refs/heads/workingbranch
pdns-recursor packagers [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
ns-ampl-4.1.15
===================================================================
Gbp-Pq: Name ns-ampl-4.1.15.diff
pdns-recursor packagers [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
hostname-4.1.15
===================================================================
Gbp-Pq: Name hostname-4.1.15.diff
pdns-recursor packagers [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
bogus-empty-nxd-4.1.15
===================================================================
Gbp-Pq: Name bogus-empty-nxd-4.1.15.diff
pdns-recursor packagers [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
stack-size
Gbp-Pq: Name stack-size
pdns-recursor packagers [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
testrunner-log-verbosity
===================================================================
Gbp-Pq: Name testrunner-log-verbosity
Chris Hofstaedtler [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
pdns-recursor (4.1.11-1+deb10u1) buster-security; urgency=high
* Fix security issues CVE-2020-10995 CVE-2020-12244 CVE-2020-10030
[dgit import unpatched pdns-recursor 4.1.11-1+deb10u1]
Chris Hofstaedtler [Tue, 19 May 2020 08:52:06 +0000 (09:52 +0100)]
Import pdns-recursor_4.1.11-1+deb10u1.debian.tar.xz
[dgit import tarball pdns-recursor 4.1.11-1+deb10u1 pdns-recursor_4.1.11-1+deb10u1.debian.tar.xz]
Raspbian automatic forward porter [Sat, 16 Mar 2019 01:03:44 +0000 (01:03 +0000)]
Merge version 4.1.4-3+rpi1 and 4.1.11-1 to produce 4.1.11-1+rpi1
Chris Hofstaedtler [Sun, 3 Feb 2019 15:02:43 +0000 (15:02 +0000)]
Import pdns-recursor_4.1.11.orig.tar.bz2
[dgit import orig pdns-recursor_4.1.11.orig.tar.bz2]
Chris Hofstaedtler [Sun, 3 Feb 2019 15:02:43 +0000 (15:02 +0000)]
Merge pdns-recursor (4.1.11-1) import into refs/heads/workingbranch
pdns-recursor packagers [Sun, 3 Feb 2019 15:02:43 +0000 (15:02 +0000)]
stack-size
Gbp-Pq: Name stack-size
pdns-recursor packagers [Sun, 3 Feb 2019 15:02:43 +0000 (15:02 +0000)]
testrunner-log-verbosity
===================================================================
Gbp-Pq: Name testrunner-log-verbosity
Chris Hofstaedtler [Sun, 3 Feb 2019 15:02:43 +0000 (15:02 +0000)]
pdns-recursor (4.1.11-1) unstable; urgency=medium
* New upstream version 4.1.11
* Upstream has applied the patch introduced in 4.1.10-2, remove it.
[dgit import unpatched pdns-recursor 4.1.11-1]
Chris Hofstaedtler [Sun, 3 Feb 2019 15:02:43 +0000 (15:02 +0000)]
Import pdns-recursor_4.1.11-1.debian.tar.xz
[dgit import tarball pdns-recursor 4.1.11-1 pdns-recursor_4.1.11-1.debian.tar.xz]
Peter Michael Green [Wed, 31 Oct 2018 01:49:15 +0000 (01:49 +0000)]
Merge pdns-recursor (4.1.4-3+rpi1) import into refs/heads/workingbranch
pdns-recursor packagers [Wed, 31 Oct 2018 01:49:15 +0000 (01:49 +0000)]
stack-size
Gbp-Pq: Name stack-size
pdns-recursor packagers [Wed, 31 Oct 2018 01:49:15 +0000 (01:49 +0000)]
testrunner-log-verbosity
===================================================================
Gbp-Pq: Name testrunner-log-verbosity
Chris Hofstaedtler [Fri, 10 Aug 2018 16:26:23 +0000 (18:26 +0200)]
Add pdnslog to Lua configuration scripts
Gbp-Pq: Name 0001-Add-pdnslog-to-Lua-configuration-scripts.patch
Peter Michael Green [Wed, 31 Oct 2018 01:49:15 +0000 (01:49 +0000)]
pdns-recursor (4.1.4-3+rpi1) buster-staging; urgency=medium
* Add -latomic to ldflags.
[dgit import unpatched pdns-recursor 4.1.4-3+rpi1]
Peter Michael Green [Wed, 31 Oct 2018 01:49:15 +0000 (01:49 +0000)]
Import pdns-recursor_4.1.4-3+rpi1.debian.tar.xz
[dgit import tarball pdns-recursor 4.1.4-3+rpi1 pdns-recursor_4.1.4-3+rpi1.debian.tar.xz]
pdns-recursor packagers [Sun, 9 Sep 2018 19:29:51 +0000 (20:29 +0100)]
stack-size
Gbp-Pq: Name stack-size
pdns-recursor packagers [Sun, 9 Sep 2018 19:29:51 +0000 (20:29 +0100)]
testrunner-log-verbosity
===================================================================
Gbp-Pq: Name testrunner-log-verbosity
Chris Hofstaedtler [Fri, 10 Aug 2018 16:26:23 +0000 (18:26 +0200)]
Add pdnslog to Lua configuration scripts
Gbp-Pq: Name 0001-Add-pdnslog-to-Lua-configuration-scripts.patch
Chris Hofstaedtler [Sun, 9 Sep 2018 19:29:51 +0000 (20:29 +0100)]
pdns-recursor (4.1.4-3) unstable; urgency=medium
* Run MTasker test with the stack-size pdns_recursor would use
[dgit import unpatched pdns-recursor 4.1.4-3]
Chris Hofstaedtler [Sun, 9 Sep 2018 19:29:51 +0000 (20:29 +0100)]
Import pdns-recursor_4.1.4-3.debian.tar.xz
[dgit import tarball pdns-recursor 4.1.4-3 pdns-recursor_4.1.4-3.debian.tar.xz]
Chris Hofstaedtler [Mon, 3 Sep 2018 07:55:52 +0000 (08:55 +0100)]
Import pdns-recursor_4.1.4.orig.tar.bz2
[dgit import orig pdns-recursor_4.1.4.orig.tar.bz2]
projects / pdns-recursor.git / log