* Improvements
+ rpm: Change home directory to /var/lib/pdns
+ m4: Add option for 64-bit time_t on 32-bit systems with glibc-2.34 (Sven Wegener)
+ Wrap backend factories in smart pointers
+ (optionally) drop whitespace on join
* Bug Fixes
+ autoconf: allow prerelease systemd versions (Chris Hofstaedtler)
+ ixfrdist: Fix broken ‘uid’ and ‘gid’ parsing for non-numerical values
+ YaHTTP: Enforce max # of request fields and max request line size
+ Fix memory leaks in the bind file format parser
+ dnsproxy: fix build on s390x (Chris Hofstaedtler)
+ pdnsutil check-zone: accept LUA A/AAAA as SVCB address targets
+ Properly finalize PKCS11 modules before releasing them (Aki Tuomi)
+ don’t crash when a catalog SOA is invalid
+ debian: adjust option name in shipped postinst
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=253
Update to version 4.9.0
For details, see
https://doc.powerdns.com/authoritative/changelog/4.9.html
old: server:dns/pdns
new: home:jgwang:branches:server:dns/pdns rev None
Index: pdns.changes
===================================================================
--- pdns.changes (revision 249)
+++ pdns.changes (revision 2)
@@ -1,4 +1,80 @@
-------------------------------------------------------------------
+Tue Mar 26 03:49:22 UTC 2024 - jun wang <jgwang@suse.com>
+
+- Update to version 4.9.0
+ * New Features
+ + LUA dblookup: switch qtype argument to int
+ + LUA: support returning empty set in filterForward #13879
+ + ixfrdist: add support for outgoing notify
+ + LUA records, pickchashed function
+ + Add Lua function to pick records via name hash
+ + LUA records: add dblookup function
+ + add a configurable delay for notifications
+ + Add and document a localwho() function for LUA records
+ + forward EDNS Client Subnet option during ALIAS processing
+ + add loglevel-show setting to get logs formatted like
+ structured logs
+ + ixfrdist: add NOTIFY receive support
+ + dnsscope: Add a –port option to select a custom port
+ + sdig: add rudimentary EDE output
+ + add default-catalog-zone setting
+ + API: replace zone contents et al
+ + geoipbackend: Support reading zones from directory
+ * Improvements
+ + on OpenBSD, try harder to send on a non-blocking socket
+ + Docker: Only print config if debug flag is set
+ + API: reject priority element in record
+ + dnsname: Optimize parsing of uncompressed labels
+ + Log port with all freshness check failure scenarios
+ + DNSName: correct len and offset types
+ + getAllDomains catalog: avoid useless copy
+ + LUA createForward: allow non-hex word prefix
+ + iputils: avoid unused warnings on !linux
+ + Remove the extern`ed `StatBag from ws-auth
+ + allow building in separate build directory
+ + Move method checking to Router
+ + Add supervisor to Auth container image
+ + Remove legacy terms from the codebase
+ + Wrap DIR* objects in unique pointers to prevent memory leaks
+ + bindparser add primary/secondary/etc. keywords
+ + Netmask: Normalize subnet masks coming from a string
+ + Report auth settings deprecated in 4.5
+ + Improve error message for missing GSS-TSIG feature
+ + Print the list of loaded modules next to the config.h preset
+ + Change the default for building with net-snmp from auto
+ to no
+ + harmonize *xfr log messages
+ + Refactor the MultiThreadDistributor using pdns::channel
+ + report which backend failed to instantiate
+ + add remote to logs when tcp thread dies
+ + Add missing tools to pdns-tools package description
+ + pkcs11signers: If private key object has
+ CKA_ALWAYS_AUTHENTICATE attribute, perform
+ CKU_CONTEXT_SPECIFIC login after OperationInit to make it
+ actually work
+ + wait for mysql.service
+ + bump sdist builders to alpine 3.18
+ + new option 'ignore-errors' for setting
+ 'outgoing-axfr-expand-alias'
+ * Bug Fixes
+ + revive remotebackend tests and fix failures
+ + do not disable ns records at apex in consumer zones
+ + catalog: include groups in hash calculation
+ + lmdb: remove mapasync mode, it was always a lie
+ + debian: adjust option names in shipped configs
+ + fix tinydnsbackend compilation issue
+ + set catalog in gsql getAllDomains
+ + improve wildcard CNAME handling
+ + auth api: flush all caches when flushing
+ + CAA records: handle empty value more gracefully,
+ fixes#13070
+ + calidns: Fix setting an ECS source of 0
+ + calidns: Prevent a crash on an empty domains file
+
+For details, see
+https://doc.powerdns.com/authoritative/changelog/4.9.html
+
+-------------------------------------------------------------------
Mon Feb 12 14:17:20 UTC 2024 - Adam Majer <adam.majer@suse.de>
- Update to 4.8.4:
Index: pdns.spec
===================================================================
--- pdns.spec (revision 249)
+++ pdns.spec (revision 2)
@@ -57,7 +57,7 @@
%endif
Name: pdns
-Version: 4.8.4
+Version: 4.9.0
Release: 0
Summary: Authoritative-only nameserver
License: GPL-2.0-only
Index: pdns-4.9.0.tar.bz2
===================================================================
Binary file pdns-4.9.0.tar.bz2 (revision 2) added
Index: pdns-4.9.0.tar.bz2.sig
===================================================================
Binary file pdns-4.9.0.tar.bz2.sig (revision 2) added
Index: pdns-4.8.4.tar.bz2
===================================================================
Binary file pdns-4.8.4.tar.bz2 (revision 249) deleted
Index: pdns-4.8.4.tar.bz2.sig
===================================================================
Binary file pdns-4.8.4.tar.bz2.sig (revision 249) deleted
OBS-URL: https://build.opensuse.org/request/show/1161599
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=250
* fixes incomplete validation of incoming IXFR transfer for
secondary zones for which IXFR transfers have been enabled and
the network path to the primary server is not trusted. Note that
IXFR transfers are not enabled by default.
(CVE-2022-27227, bsc#1197525)
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=223
- Update to 4.5.2 with bug fixes:
* bindbackend: skip rejected zones during list and search PR#10968
* make the zone cache more robust for bad data and save some SOA queries for DNSSEC zones PR#10964
* api, check SOA location PR#10962
* improve dnsname exception handling for SOA records PR#10952
* improve SOA parse exception handling PR#10792
* try to reload rejected zones in bind-backend once every bind-check-interval PR#10778
OBS-URL: https://build.opensuse.org/request/show/930626
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=221
A lot of internals have been reworked, with some visible changes
for users. If you read the upgrade notes for a beta or RC, please
read them again!
A notable new feature in 4.3 is support for hiding DNSSEC keys,
which makes it possible to do algorithm rollovers. This feature
was contributed by Robin Geuze of TransIP, thanks! Another
interesting new feature is support for automatically publishing
CDS/CDNSKEY records with a single pdns.conf setting.
Please note that 4.3.0 comes with a mandatory database schema
upgrade.
https://doc.powerdns.com/authoritative/upgrading.html#x-to-4-3-0
- refreshed patch pdns-4.0.3_allow_dacoverride_in_capset.patch
- dropped subpackages for mydns and opendbx
- change run directory from /var/run/ to /run/
- pdns-backend-lua now has the lua2 backend
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=201
New features
* Add SLAVE-RENOTIFY zone metadata support
* Add configurable timeout for inbound
* for gmysql backend, add an option to send the SSL capability flag
Improvements
* Register a few known RR types
* bindbackend: use metadata for also-notifies as well
* pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH,
bump as if it is EPOCH
* API: optionally do not return dnssec info in domain list
Bug Fixes
* LUA view: do not crash on empty IP list
* API: Accept headers without spaces
* Avoid database state-related SERVFAILs after a LUA error
* Fix broken edit-zone and other features with the LMDB backend
* rfc2136, pdnsutil: somewhat improve duplicate record handling
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=193
- Update to 4.1.11:
* update postgresql schema to address a possible denial of service
by an authorized user by inserting a crafted record in a MASTER
type zone under their control. (bsc#1142810, CVE-2019-10203)
To fix the issue, run the following command against your PostgreSQL
pdns database:
ALTER TABLE domains ALTER notified_serial TYPE bigint
USING CASE WHEN notified_serial >= 0
THEN notified_serial::bigint END;
- spec file simplifications and cleanup
OBS-URL: https://build.opensuse.org/request/show/720206
OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns?expand=0&rev=183
