Hello community,
here is the log from the commit of package pdns-recursor for openSUSE:Factory checked in at 2015-05-06 11:19:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pdns-recursor (Old)
and /work/SRC/openSUSE:Factory/.pdns-recursor.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pdns-recursor"
Changes:
--------
--- /work/SRC/openSUSE:Factory/pdns-recursor/pdns-recursor.changes 2015-02-20 12:01:42.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.pdns-recursor.new/pdns-recursor.changes 2015-05-06 11:19:33.000000000 +0200
@@ -1,0 +2,20 @@
+Wed Apr 29 07:13:09 UTC 2015 - mrueckert@suse.de
+
+- call systemd-tmpfiles during installation
+
+-------------------------------------------------------------------
+Thu Apr 23 12:21:59 UTC 2015 - michael@stroeder.com
+
+- update to 3.7.2 with a fix for CVE-2015-1868 (boo# 927569)
+ Bug fixes:
+ - commit adb10be commit 3ec3e0f commit dc02ebf Fix handling of
+ forward references in label compressed packets; fixes
+ CVE-2015-1868
+ - commit a7be3f1: make sure we never call sendmsg with
+ msg_control!=NULL && msg_controllen>0. Fixes ticket #2227
+ - commit 9d835ed: Improve robustness of root-nx-trust.
+ Improvements:
+ - commit 99c595b: Silence warnings that always occur on FreeBSD
+ (Ruben Kerkhof)
+
+-------------------------------------------------------------------
Old:
----
pdns-recursor-3.7.1.tar.bz2
New:
----
pdns-recursor-3.7.2.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pdns-recursor.spec ++++++
--- /var/tmp/diff_new_pack.onFZJT/_old 2015-05-06 11:19:34.000000000 +0200
+++ /var/tmp/diff_new_pack.onFZJT/_new 2015-05-06 11:19:34.000000000 +0200
@@ -24,7 +24,7 @@
Name: pdns-recursor
-Version: 3.7.1
+Version: 3.7.2
Release: 1
%define pkg_version %{version}
#
@@ -118,6 +118,7 @@
%if 0%{?suse_version} && %{with systemd}
%post
+systemd-tmpfiles --create /usr/lib/tmpfiles.d/pdns-recursor.conf || true
%service_add_post %{name}.service
%endif
++++++ pdns-recursor-3.7.1.tar.bz2 -> pdns-recursor-3.7.2.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-recursor-3.7.1/README new/pdns-recursor-3.7.2/README
--- old/pdns-recursor-3.7.1/README 2015-02-12 11:16:00.000000000 +0100
+++ new/pdns-recursor-3.7.2/README 2015-04-21 15:02:57.000000000 +0200
@@ -2,7 +2,9 @@
-------------
For full details, please read:
- http://doc.powerdns.com/built-in-recursor.html
+ https://doc.powerdns.com/md/recursor/
+
+Here follow some brief notes that may be useful to get you going.
COMPILING
---------
@@ -14,76 +16,29 @@
You only need to download it, there is no need to compile.
On most modern UNIX distributions, you can simply install 'boost' or
-'boost-dev' or 'boost-devel'. If you don't have that option, or don't want
-to use it, try:
-
-1) head to http://sourceforge.net/project/showfiles.php?group_id=7586 and
-download the latest boost tar.bz2 or tar.gz, perhaps from:
-http://downloads.sourceforge.net/project/boost/boost/1.39.0/boost_1_39_0.tar...
-(use the first link if this one doesn't work)
-
-2) untar it:
-
-$ tar xjf boost_1_39_0.tar.bz2
-
-3) Compile the PowerDNS recursor using:
-
-$ CXXFLAGS=-I./boost_1_39_0/ ./configure
-$ CXXFLAGS=-I./boost_1_39_0/ make clean
-$ CXXFLAGS=-I./boost_1_39_0/ make all
-(the 'clean' is needed to have make pick up the new boost)
-
-4) Run ./pdns_recursor and you should be set!
-
-5) (g)make install
-
-(use gmake on many BSD variant and Solaris, regular make on Linux)
+'boost-dev' or 'boost-devel'. Otherwise, just download boost, and point the
+compiler at the right directory using CPPFLAGS.
OPTIONAL LUA SCRIPTING
----------------------
To benefit from Lua scripting, as described on
http://doc.powerdns.com/recursor-scripting.html please compile like this:
-$ LUA=1 (g)make
+$ LUA=1 ./configure ; LUA=1 (g)make
+
or even
$ LUA=1 LUA_CPPFLAGS_CONFIG=-I/usr/local/include/lua5.1 LUA_LIBS_CONFIG=-llua5.1\
+ ./configure
+$ LUA=1 LUA_CPPFLAGS_CONFIG=-I/usr/local/include/lua5.1 LUA_LIBS_CONFIG=-llua5.1\
(g)make
Use the _CONFIG settings to point out to PowerDNS where your Lua
-installation resides. PowerDNS supports both Lua 5.0 and 5.1.
-
-PLATFORM SPECIFIC NOTES
------------------------
-When compiling on Solaris 8, use:
-$ CPPFLAGS=-DSOLARIS8 ... gmake
-
-where ... stands for any possible CXXFLAGS or PROFILEFLAGS, see below.
-
-PERFORMANCE
------------
-When on Intel/AMD, by ALL means use a 64-bit binary (not just a 64-bit
-kernel). This speeds up most things by at least a factor 2.
-
-For the utmost in performance, compile like this:
-
- $ PROFILEFLAGS=-fprofile-generate make
-
-Then run the program for a bit, in as much of a real-life setting as you
-have available. Then run:
-
- $ rec_control quit-nicely
- bye nicely
-
-Then do:
-
- $ PROFILEFLAGS=-fprofile-use make binclean all
-
-The resulting binary is up to 20% faster in our tests.
-
-Do run with g++ 4.4.1 if you can, it is the best.
+installation resides. PowerDNS supports Lua 5.1 through Lua 5.3.
RUNNING ON A DIFFERENT MACHINE
------------------------------
To prevent hassles with g++/c++ dependencies, you can build like this:
- $ STATIC=semi make all
+
+ $ STATIC=semi ./configure ; STATIC=semi make all
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-recursor-3.7.1/build-scripts/redhat/pdns-recursor-test.spec new/pdns-recursor-3.7.2/build-scripts/redhat/pdns-recursor-test.spec
--- old/pdns-recursor-3.7.1/build-scripts/redhat/pdns-recursor-test.spec 2015-02-12 11:16:00.000000000 +0100
+++ new/pdns-recursor-3.7.2/build-scripts/redhat/pdns-recursor-test.spec 2015-04-21 15:02:57.000000000 +0200
@@ -9,7 +9,7 @@
Epoch: 0
Group: System Environment/Daemons
License: GPL
-Source: http://downloads.powerdns.com/releases/%{name}-3.7.1.tar.bz2
+Source: http://downloads.powerdns.com/releases/%{name}-3.7.2.tar.bz2
BuildRequires: boost-devel >= 1.39.0
BuildRequires: lua-devel >= 5.3
@@ -20,7 +20,7 @@
PowerDNS recursor
%prep
-%setup -q -n %{name}-3.7.1
+%setup -q -n %{name}-3.7.2
%build
%configure
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-recursor-3.7.1/config.h new/pdns-recursor-3.7.2/config.h
--- old/pdns-recursor-3.7.1/config.h 2015-02-12 11:16:00.000000000 +0100
+++ new/pdns-recursor-3.7.2/config.h 2015-04-21 15:02:57.000000000 +0200
@@ -1,4 +1,4 @@
#define RECURSOR
-#define VERSION "3.7.1"
+#define VERSION "3.7.2"
#define DIST_HOST "jenkins@autotest.powerdns.com"
#define HAVE_BOOST 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-recursor-3.7.1/configure new/pdns-recursor-3.7.2/configure
--- old/pdns-recursor-3.7.1/configure 2015-02-12 11:16:00.000000000 +0100
+++ new/pdns-recursor-3.7.2/configure 2015-04-21 15:02:57.000000000 +0200
@@ -1,6 +1,10 @@
#!/bin/sh
set -e
+if [ "$HARDENING" = "" ]; then
+ HARDENING="yes"
+fi
+
if [ "$CXX" = "" ]; then
CXX="g++"
fi
@@ -46,8 +50,8 @@
EOF
# test for PIE
- if $CXX $src -c -o a.out -fPIE -DPIE; then
- if [ "$STATIC" != "semi" ] && [ "$STATIC" != "full" ] && $CXX -pie -o a2.out a.out; then
+ if $CXX $src -c -o a.out -fPIE -DPIE 2>/dev/null; then
+ if [ "$STATIC" != "semi" ] && [ "$STATIC" != "full" ] && $CXX -pie -o a2.out a.out 2>/dev/null; then
CF_PIE="-fPIE -DPIE"
LD_PIE="-pie"
fi
@@ -69,7 +73,9 @@
rm -f $src a.out a2.out
}
-test_flags
+if [ "$HARDENING" != "no" ]; then
+ test_flags
+fi
sed -e "s/@LD_RELRO@/$LD_RELRO/g" -e "s/@LD_PIE@/$LD_PIE/g" -e "s/@CF_PIE@/$CF_PIE/g" -e "s/@CF_FORTIFY@/$CF_FORTIFY/g" -e "s/@CF_STACK@/$CF_STACK/g" < Makefile.in > Makefile
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-recursor-3.7.1/contrib/systemd-pdns-recursor.service new/pdns-recursor-3.7.2/contrib/systemd-pdns-recursor.service
--- old/pdns-recursor-3.7.1/contrib/systemd-pdns-recursor.service 2015-02-12 11:16:00.000000000 +0100
+++ new/pdns-recursor-3.7.2/contrib/systemd-pdns-recursor.service 2015-04-21 15:02:57.000000000 +0200
@@ -1,7 +1,8 @@
[Unit]
Description=PowerDNS recursing nameserver
Documentation=man:pdns_recursor(1) man:rec_control(1)
-Wants=network-online.target
+Wants=network-online.target nss-lookup.target
+Before=nss-lookup.target
After=network-online.target
[Service]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-recursor-3.7.1/dnsparser.cc new/pdns-recursor-3.7.2/dnsparser.cc
--- old/pdns-recursor-3.7.1/dnsparser.cc 2015-02-12 11:16:00.000000000 +0100
+++ new/pdns-recursor-3.7.2/dnsparser.cc 2015-04-21 15:02:57.000000000 +0200
@@ -455,9 +455,10 @@
void PacketReader::getLabelFromContent(const vector