"--with-libiconv=${LOCALBASE}" at systems pre OSVERSION 100043 and "" (null)
otherwise;
. convert all ports which has CONFIGURE_ARGS=--with-libiconv=${LOCALBASE}.
Approved by: portmgr (bapt, implicit)
after r254273
- Fix a bunch of ports to properly work after this
- Mark converters/libiconv as IGNORE for systems with iconv in libc
Reviewed by: bapt
Approved by: portmgr (bapt)
Discussed with: bapt, bsam (who both contributed ideas and code)
- Depend on Botan 1.10 and make it new default
- Both Botan and Crypto++ can be compiled in now
- Support MySQL forks like MariaDB
- Ability to choose embedded or system-installed PolarSSL
- Convert USE_GMAKE to USES
- Use EXAMPLES OPTION in plce of NOPORTEXAMPLES
Changelog: http://rtfm.powerdns.com/changelog.html#changelog-auth-3-3
PR: ports/180875
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
https://kb.isc.org/article/AA-01015/0
9.9.3-p1 -> 9.9.3-P2
9.8.5-p1 -> 9.8.5-P2
9.6.x is not affected, neither is 10.x.
Security: CVE-2013-4854 Remote DOS
- Add EUI_RRTYPES option
While here:
- Remove leading article from COMMENT
- Convert tab to space in WWW: line
PR: ports/180741
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
changelog:
- 1.11.0 is mostly a bug fix release, but two new features are support
for the $GENERATE syntax and the TLSA RR type.
- A number of bugs have been fixed as well.
- Python 2.4 or later is required.
- Change pkgconfig:build to pkgconfig since it's the same and it's bad practice.
It accidentally slipped in during the original introduction
- Trim header
It consists of a client that regularly sends UDP packets and a
server that updates a bind zone file or runs a command using the
peer IPv4 address of recieved UDP packets.
WWW: http://fossil.instinctive.eu/ddns/home
PR: ports/179316
Submitted by: Natacha Porte <natbsd@instinctive.eu>
Security Fixes
Prevents exploitation of a runtime_check which can crash named
when satisfying a recursive query for particular malformed zones.
(CVE-2013-3919) [RT #33690]
Now supports NAPTR regular expression validation on all platforms,
and avoids memory exhaustion compiling pathological regular
expressions. (CVE-2013-2266) [RT #32688]
Prevents named from aborting with a require assertion failure
on servers with DNS64 enabled. These crashes might occur as a
result of specific queries that are received. (CVE-2012-5688)
[RT #30792 / #30996]
Prevents an assertion failure in named when RPZ and DNS64 are
used together. (CVE-2012-5689) [RT #32141]
See release notes for further features and bug fixes:
https://kb.isc.org/article/AA-00970/0/BIND-9.9.3-P1-Extended-Support-Version-Release-Notes.html
Security: CVE-2013-3919
CVE-2013-2266
CVE-2012-5688
CVE-2012-5689
Security Fixes
Prevents exploitation of a runtime_check which can crash named
when satisfying a recursive query for particular malformed zones.
(CVE-2013-3919) [RT #33690]
A deliberately constructed combination of records could cause
named to hang while populating the additional section of a
response. (CVE-2012-5166) [RT #31090]
Now supports NAPTR regular expression validation on all platforms,
and avoids memory exhaustion compiling pathological regular
expressions. (CVE-2013-2266) [RT #32688]
Prevents named from aborting with a require assertion failure
on servers with DNS64 enabled. These crashes might occur as a
result of specific queries that are received. (CVE-2012-5688)
[RT #30792 / #30996]
Prevents an assertion failure in named when RPZ and DNS64 are
used together. (CVE-2012-5689) [RT #32141]
See release notes for further features and bug fixes:
https://kb.isc.org/article/AA-00969/0/BIND-9.8.5-P1-Release-Notes.html
Security: CVE-2013-3919
CVE-2012-5166
CVE-2013-2266
CVE-2012-5688
CVE-2012-5689
Security Fixes
Prevents exploitation of a runtime_check which can crash named
when satisfying a recursive query for particular malformed zones.
(CVE-2013-3919) [RT #33690]
Prevents a named assert (crash) when validating caused by using
"Bad cache" data before it has been initialized. [CVE-2012-3817]
[RT #30025]
A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process. [CVE-2012-1667] [RT #29644]
See release notes for further features and bug fixes:
https://kb.isc.org/article/AA-00968/0/BIND-9.6-ESV-R9-P1-Release-Notes.html
Security: CVE-2013-3919
CVE-2012-3817
CVE-2012-1667
- address the issue raised by Bob Harold. RRL on recursive servers
applies rate limits after waiting for recursion except on
sub-domains of domains for which the server is authoritative.
- fix the bug reported by Roy Arends in which "slipped" NXDOMAIN
responses had rcode values of 0 (NoError) instead of 3 (NXDOMAIN).
- move reports of RRL drop and slip actions from the "queries"
log category to the "query-errors" category. Because they are not
in the "queres" category, enabling or disabling query logging no
longer affects them.
Changelog is here:
http://doc.powerdns.com/html/changelog.html#changelog-recursor-3.5.1
Also pet the Makefile:
- Change ${LOCALBASE} to ${PREFIX} where applicable
- Fix overwrite of recursor.conf by changing to bsd.port.pre/post.mk (and
thus fixing ${PREFIX})
PR: ports/178340
Submitted by: Ralf van der Enden <tremere@cainites.net>
Approved by: Sten Spans <sten@blinkenlights.nl> (maintainer)
for domain name registries/registrars/resellers
what Perl DBI is for databases.
Net::DRI offers a uniform API to access services.
It can be used by registrars to access registries.
It can be used by clients to access registrars and/or resellers.
It can be used by anonyone to do whois, DAS or IRIS DCHK queries.
WWW: http://search.cpan.org/dist/Net-DRI/
PR: ports/178298
Submitted by: Mark Felder <feld@feld.me>
