pdns-recursor

rpm/pdns-recursor

SHA256

Fork 0

forked from pool/pdns-recursor

22e07e3f37 Accepting request 1177076 from server:dns factory Ana Guerrero 2024-05-28 15:28:33 +00:00
7886287fd9 Accepting request 1176818 from home:AndreasStieger:branches:server:dns Adam Majer 2024-05-27 09:09:53 +00:00
6425823a92 Accepting request 1170013 from server:dns Ana Guerrero 2024-04-25 18:48:36 +00:00
94361cad7d - update to 5.0.4: * fixes a case when a crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured (bsc#1223262, CVE-2024-25583) - changes in 5.0.3 * Log if a DNSSEC related limit was hit if log_bogus is set * Reduce RPZ memory usage by not keeping the initially loaded RPZs in memory * Fix the zoneToCache regression introduced by 5.0.2 security update Adam Majer 2024-04-24 11:34:43 +00:00
f9c7779d55 Accepting request 1146434 from server:dns Ana Guerrero 2024-02-13 21:42:17 +00:00
d6e7d207e6 - update to 5.0.2 * fixes crafted DNSSEC records in a zone can lead to a denial of service in Recursor https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html (bsc#1219823, bsc#1219826, CVE-2023-50387, CVE-2023-50868) Adam Majer 2024-02-13 14:35:06 +00:00
90f0f6064c Accepting request 1146193 from home:adamm:branches:server:dns Adam Majer 2024-02-12 14:04:44 +00:00
769d7d2b5e Accepting request 1108433 from server:dns Ana Guerrero 2023-09-01 12:21:59 +00:00
62ffb89c44 - update to 4.9.1 * The setting of policy tags for packet cache hist has been fixed. Previously, packet cache hits would not contain policy tags set in the Lua gettags(-ffi) intercept functions. * The retrieval of RPZ zones could fail in situations where a read of the chunk length from the IXFR TCP stream would produce an incomplete result. - enable DSN-over-TLS (DoT) via OpenSSL For complete list of changes, see https://doc.powerdns.com/recursor/changelog/4.9.html#change-4.9.1 For upgrades since 4.8.x and earlier, see https://doc.powerdns.com/recursor/upgrade.html Adam Majer 2023-08-25 10:44:15 +00:00
4b036e990e Accepting request 1077167 from server:dns Dominique Leuenberger 2023-04-04 19:26:47 +00:00
ccf3326df5 - update to 4.8.4 * Deterred spoofing attempts can lead to authoritative servers being marked unavailable (bsc#1209897, CVE-2023-26437) Adam Majer 2023-04-04 09:06:40 +00:00
8a86d658a5 Accepting request 1069900 from server:dns Dominique Leuenberger 2023-03-07 15:50:53 +00:00
e16c52d075 - update to 4.8.3 * Fix serve-stale logic to not cause intermittent high CPU load by: + correcting the removal of a negative cache entry, + correcting the serve-stale main loop regarding exception handling, + correctly handle negcache entries with serve-state status. - changes in version 4.8.2 * Make cache cleaning of record an negative cache more fair * Do not report “not decreasing socket buf size” as an error * Do not use “message” as key, it has a special meaning to systemd-journal * Add the ‘parse packet from auth’ error message to structured logging * Refresh of negcache stale entry might use wrong qtype * Do not chain ECS enabled queries * Properly encode json string containing binary data Adam Majer 2023-03-07 10:44:23 +00:00
003c93fd16 Accepting request 1059961 from server:dns Dominique Leuenberger 2023-01-20 16:39:53 +00:00
9c40b6e286 - update to 4.8.1 * Avoid unbounded recursion when retrieving DS records from some misconfigured domains. (bsc#1207342, CVE-2023-22617) Adam Majer 2023-01-20 12:45:37 +00:00
573fe912d3 Accepting request 1042523 from server:dns Dominique Leuenberger 2022-12-13 17:56:03 +00:00
a53d1b3b19 Accepting request 1042390 from home:stroeder:network Adam Majer 2022-12-13 00:40:01 +00:00
5ea246140e Accepting request 1040841 from server:dns Dominique Leuenberger 2022-12-07 16:35:28 +00:00
3f3b1be219 Accepting request 1038242 from home:stroeder:network Adam Majer 2022-12-07 03:12:47 +00:00
18947261e1 Accepting request 1006510 from server:dns Richard Brown 2022-09-28 15:51:20 +00:00
e988b019d0 Accepting request 1004941 from home:stroeder:network Adam Majer 2022-09-27 19:34:25 +00:00
6ffc15377b Accepting request 1000494 from server:dns Dominique Leuenberger 2022-09-01 20:11:05 +00:00
fc3b866229 - Bump requires to newer Boost, effectively disabling support for SLE-12 Adam Majer 2022-08-24 15:07:28 +00:00
e028ac883b Accepting request 998985 from server:dns Dominique Leuenberger 2022-08-24 13:11:39 +00:00
7e20da9c04 (CVE-2022-37428, bsc#1202664) Adam Majer 2022-08-24 08:27:42 +00:00
4b61020231 - update to 4.7.2 * incomplete exception handling related to protobuf message generation. (CVE-2022-37428) Adam Majer 2022-08-23 21:57:16 +00:00
7bd5d7193e Accepting request 998876 from home:stroeder:network Adam Majer 2022-08-23 21:55:14 +00:00
a1d1f6e9b2 Accepting request 987946 from server:dns Dominique Leuenberger 2022-07-09 15:03:22 +00:00
bd36da8f15 Accepting request 987882 from home:stroeder:network Adam Majer 2022-07-08 15:41:02 +00:00
aa0e47ffa2 Accepting request 980065 from server:dns Dominique Leuenberger 2022-05-31 13:47:45 +00:00
d2bb937c0f Accepting request 979911 from home:stroeder:network Adam Majer 2022-05-31 09:29:26 +00:00
aff8b3ace5 Accepting request 969514 from server:dns Dominique Leuenberger 2022-04-12 19:51:10 +00:00
c0e3315c5f Accepting request 966869 from home:stroeder:network Adam Majer 2022-04-12 16:39:36 +00:00
0db39fc8cd Accepting request 965587 from server:dns Dominique Leuenberger 2022-03-29 16:16:02 +00:00
7becf97f66 - boost_context.patch: Boost.Context detection fix on SLE12 Adam Majer 2022-03-29 09:13:36 +00:00
1c660c301d Accepting request 965584 from home:adamm:branches:OBS_Maintained:pdns-recursor Adam Majer 2022-03-29 09:12:31 +00:00
e0c775e492 - fix building against sle-12 backports with gcc-9 - remove obsolete BR on protobuf - add bundled information to the spec file Adam Majer 2022-03-28 11:37:28 +00:00
0a3a5b2676 Accepting request 964870 from server:dns Dominique Leuenberger 2022-03-25 20:55:03 +00:00
c2d6a441d0 - update to 4.6.1 fixes incomplete validation of incoming IXFR transfer in the Recursor. It applies to setups retrieving one or more RPZ zones from a remote server if the network path to the server is not trusted. (bsc#1197525, CVE-2022-27227) Adam Majer 2022-03-25 13:24:30 +00:00
3fc372bebe Accepting request 942366 from server:dns Dominique Leuenberger 2021-12-24 19:23:27 +00:00
e1bb0a672e Accepting request 941289 from home:stroeder:network Marcus Rueckert 2021-12-24 05:04:59 +00:00
99d282d409 Accepting request 930191 from server:dns Dominique Leuenberger 2021-11-09 22:54:42 +00:00
5fd72830a2 Accepting request 929669 from home:stroeder:network Adam Majer 2021-11-08 14:19:55 +00:00
49fd0efe51 Accepting request 924655 from server:dns Dominique Leuenberger 2021-10-12 19:49:24 +00:00
d7196b3c76 Accepting request 924654 from home:stroeder:network Adam Majer 2021-10-11 13:25:12 +00:00
fc696acf1c Accepting request 909999 from server:dns Dominique Leuenberger 2021-08-03 20:49:07 +00:00
46c9228728 Accepting request 909994 from home:stroeder:network Adam Majer 2021-08-03 13:14:22 +00:00
e6a2f6dcfc Accepting request 904048 from server:dns Dominique Leuenberger 2021-07-05 20:22:59 +00:00
3d5f7f060d Accepting request 904044 from home:wrosenauer:devel Adam Majer 2021-07-05 07:46:12 +00:00
3042bd2a30 Accepting request 902291 from server:dns Dominique Leuenberger 2021-06-25 13:01:34 +00:00
c774c98feb - build-require gcc7 on SLE-12 variant Adam Majer 2021-06-25 07:45:09 +00:00
b686c3d31b - no longer supports 32-bit arches -- requiers 64-bit time_t - specfile cleanup - drop initrd cases - build-require gcc10 on SLE-12 variant Adam Majer 2021-06-25 07:35:02 +00:00
4a54483c45 - No longer supports 32-bit arches -- requiers 64-bit time_t Adam Majer 2021-06-25 06:34:59 +00:00
49088c74c5 Accepting request 898824 from server:dns Dominique Leuenberger 2021-06-09 19:53:08 +00:00
48ca46ff0e Accepting request 898793 from home:stroeder:network Adam Majer 2021-06-09 14:52:33 +00:00
1fb4c5013b Accepting request 882324 from server:dns Richard Brown 2021-04-01 12:17:44 +00:00
c2ecbf8f64 Install license as a license Adam Majer 2021-03-31 09:41:03 +00:00
647174ea16 - update to 4.4.3: Improvements Use a short-lived NSEC3 hashes cache for denial validation. References: #9856, pull request 10221 Bug Fixes More fail-safe handling of Newly Discovered Domain files. Handle policy (if needed) after postresolve. Return current rcode instead of 0 if there are no CNAME records to follow. Lookup DS entries before CNAME entries. Handle failure to start the web server more gracefully. Test that we correctly cap the answer’s TTL in expanded wildcard cases. Fix the gathering of denial proof for wildcard-expanded answers. Make sure we take the right minimum for the packet cache TTL data in the SERVFAIL case. For details see, https://doc.powerdns.com/recursor/changelog/4.4.html#change-4.4.3 Adam Majer 2021-03-31 09:38:56 +00:00
9d4601a609 Accepting request 855754 from server:dns Dominique Leuenberger 2020-12-14 17:10:30 +00:00
12a42cdc81 - update to 4.4.2: Improvements * UUID: Use the non-cryptographic variant of the boost::uuid. * Keep a cached, valid entry over a fresher Bogus one. * Ensure socket-dir matches runtime directory on old systemd * Move to several distinct Bogus states, for easier debugging. * Do not chase CNAME during qname minimization step 4. Bug Fixes * Untangle the validation/resolving qnames and qtypes. * APL records: fix endianness problem. For details see, https://doc.powerdns.com/recursor/changelog/4.4.html#change-4.4.2 Adam Majer 2020-12-14 12:49:14 +00:00
6b9db193d3 Accepting request 850845 from server:dns Dominique Leuenberger 2020-11-26 22:14:22 +00:00
08fab363d7 - update to 4.4.1 * Allow specifying a name in getMetric() that is used for Prometheus * Avoids a CNAME loop detection issue with DNS64 * No longer sends overly long NOD lookups. * If a.b.c CNAME x.a.b.c is encountered, switch off QName Minimization. * Fix the processing of answers generated from gettag. Adam Majer 2020-11-25 15:07:02 +00:00
7f11da64c4 Accepting request 850235 from server:dns Dominique Leuenberger 2020-11-24 21:10:27 +00:00
791b7f352d Accepting request 850222 from home:fbui:branches:server:dns Adam Majer 2020-11-23 15:09:08 +00:00
1bd2a56cb4 Accepting request 845522 from server:dns Dominique Leuenberger 2020-11-03 14:16:38 +00:00
e870722ff6 - fix default config - turn off chroot by default as it is not supported on systemd enabled systems - set query-local-address to ::,0.0.0.0 to make ipv6 only nameservers work out of the box Marcus Rueckert 2020-10-26 19:04:46 +00:00
84752452f6 Accepting request 842575 from server:dns Dominique Leuenberger 2020-10-20 14:16:05 +00:00
70e2931ce3 Accepting request 842567 from home:stroeder:branches:server:dns Adam Majer 2020-10-19 14:26:57 +00:00
a7dc973ef6 Accepting request 841527 from server:dns Dominique Leuenberger 2020-10-13 13:47:15 +00:00
7533698a2c - 9070.patch: refreshed, looks like only partially upstreamed Adam Majer 2020-10-13 11:57:10 +00:00
5cf4a01c98 OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns-recursor?expand=0&rev=148 Adam Majer 2020-10-13 11:39:06 +00:00
5db34830a0 - update to 4.3.5: * fixes cache pollution related to DNSSEC validation. (CVE-2020-25829, bsc#1177383) * now raise an exception on invalid content in unknown records * fixes the parsing of dont-throttle-netmasks in the presence of dont-throttle-names - 9070.patch: upstreamed and removed Adam Majer 2020-10-13 11:36:10 +00:00
4c35dcca66 Accepting request 833218 from server:dns Dominique Leuenberger 2020-09-09 16:07:11 +00:00
1756fb0037 - 9070.patch: backport compilation fix vs. latest Boost 1.74 based on https://github.com/PowerDNS/pdns/pull/9070 Adam Majer 2020-09-09 09:05:55 +00:00
e4d1e56459 Accepting request 832972 from home:stroeder:branches:server:dns Adam Majer 2020-09-09 08:51:11 +00:00
0b3f56214d Accepting request 821852 from server:dns Dominique Leuenberger 2020-07-20 19:04:07 +00:00
e3a7111fbb Accepting request 821505 from home:stroeder:branches:server:dns Adam Majer 2020-07-20 09:45:08 +00:00
281425017d Accepting request 818168 from server:dns Dominique Leuenberger 2020-07-02 22:11:09 +00:00
d165c94b5c OBS-URL: https://build.opensuse.org/package/show/server:dns/pdns-recursor?expand=0&rev=140 Adam Majer 2020-07-01 19:05:38 +00:00
e29d8afa33 - update to 4.3.2 * Fixes a access restriction bypass vulnerability where ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction. (CVE-2020-14196, bsc#1173302) * improves CNAME loop detection * Fix the handling of DS queries for the root * Fix RPZ removals when an update has several deltas Adam Majer 2020-07-01 18:44:03 +00:00
f93265a049 Accepting request 807216 from server:dns Dominique Leuenberger 2020-05-19 12:50:50 +00:00
28affeaed5 - update to 4.3.1 * fixes an issue where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated (CVE-2020-12244, bsc#1171553) * fixes an issue where invalid hostname on the server can result in disclosure of invalid memory (CVE-2020-10030, bsc#1171553) * fixes an issue in the DNS protocol has been found that allows malicious parties to use recursive DNS services to attack third party authoritative name servers (CVE-2020-10995, bsc#1171553) Adam Majer 2020-05-19 09:49:25 +00:00
e16b4f4346 Accepting request 782531 from server:dns Dominique Leuenberger 2020-03-07 20:41:49 +00:00
f3fe0c9665 Accepting request 782525 from home:wrosenauer:devel Adam Majer 2020-03-07 13:30:58 +00:00
1c47b0d1e4 Accepting request 781144 from server:dns Dominique Leuenberger 2020-03-04 08:40:28 +00:00
b6b4cec296 - update to 4.3.0: * A relaxed form of QName Minimization as described in rfc7816bis-01. This feature is enabled by default * Dnstap support for outgoing queries to authoritative servers and the corresponding replies. * The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order. * Newly Observed Domain (NOD) functionality * For details see https://blog.powerdns.com/2020/03/03/powerdns-recursor-4-3-0-released/ Adam Majer 2020-03-03 09:51:47 +00:00
572025613a Accepting request 755197 from server:dns Dominique Leuenberger 2019-12-09 20:35:56 +00:00
9b38d59daf - update to 4.2.1: * Add deviceName field to protobuf messages * Purge map of failed auths periodically by keeping last changed timestamp. * Prime NS records of root-servers.net parent (.net) * Issue with “zz” abbreviation for IPv6 RPZ triggers * Basic validation of $GENERATE parameters * Fix inverse handler registration logic for SNMP Adam Majer 2019-12-09 09:52:47 +00:00
67516a01ab Accepting request 715693 from server:dns Dominique Leuenberger 2019-07-18 13:20:13 +00:00
51525bdbe0 Accepting request 715500 from home:stroeder:branches:server:dns Marguerite Su 2019-07-16 13:18:24 +00:00
6f7c68e4f0 Accepting request 704461 from server:dns Dominique Leuenberger 2019-05-22 09:17:08 +00:00
fc0edfb0e1 - update to 4.1.13: * Add the disable-real-memory-usage setting to skip expensive collection of detailed memory usage info * Fix DNSSEC validation of wildcards expanded onto themselves. Adam Majer 2019-05-21 12:18:35 +00:00
2de1d1bcef Accepting request 698186 from server:dns Yuchen Lin 2019-04-26 20:55:44 +00:00
81cfe94f6f Accepting request 698180 from home:jubalh:branches:server:dns Adam Majer 2019-04-26 11:19:01 +00:00
e4d00d2cec Accepting request 690877 from server:dns Dominique Leuenberger 2019-04-03 08:51:44 +00:00
bbc5339d27 Accepting request 690719 from home:stroeder:branches:server:dns Adam Majer 2019-04-03 07:52:41 +00:00
9f86a61b0e Accepting request 668666 from server:dns Dominique Leuenberger 2019-01-26 21:22:34 +00:00
3d41ef0586 Accepting request 668512 from home:stroeder:branches:server:dns Adam Majer 2019-01-25 14:32:28 +00:00
f3df1f3823 Accepting request 667620 from server:dns Dominique Leuenberger 2019-01-24 13:12:25 +00:00
38717d584e - update to 4.1.9 https://blog.powerdns.com/2019/01/21/powerdns-recursor-4-1-9-released/ - Fixes case when Lua hooks are not called over TCP (CVE-2019-3806, bsc#1121887) - Fixes DNSSEC validation is not performed for AA=0 responses (CVE-2019-3807, bsc#1121889) Adam Majer 2019-01-21 14:42:26 +00:00

1 2 3

Commit Graph Select branches Hide Pull Requests factory Mono Color

Commit Graph

Select branches

Hide Pull Requests

factory