diff options
| author | Carlos J. Puga Medina <cpm@FreeBSD.org> | 2018-07-14 09:17:51 +0000 |
|---|---|---|
| committer | Carlos J. Puga Medina <cpm@FreeBSD.org> | 2018-07-14 09:17:51 +0000 |
| commit | 4bde2935615a2ae6bad29c86536ee59c1910aac2 (patch) | |
| tree | 0f4012b8d9f83eec832d1bfe18af75b75d73703c /UPDATING | |
| parent | bafa583aa81eaf7525a7dde9c04e6a670bc28fec (diff) | |
| download | ports-4bde2935615a2ae6bad29c86536ee59c1910aac2.tar.gz ports-4bde2935615a2ae6bad29c86536ee59c1910aac2.zip | |
dns/dnsdist: Update to 1.3.2
- Add a note to UPDATING about breaking changes
Changelog: https://dnsdist.org/changelog.html#change-1.3.2
PR: 229742
Submitted by: Ralf van der Enden <tremere@cainites.net>
Approved by: cpm
Notes
Notes:
svn path=/head/; revision=474629
Diffstat (limited to 'UPDATING')
| -rw-r--r-- | UPDATING | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -5,6 +5,21 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20180714: + AFFECTS: users of dns/dnsdist + AUTHOR: cpm@FreeBSD.org + + After discussing with several users, we noticed that quite a lot of them + were not aware that enabling the dnsdist's console without a key, even + restricted to the local host, could be a security issue and allow privilege + escalation by allowing an unprivileged user to connect to the console and + execute Lua code as the dnsdist user. We therefore decided to refuse any + connection to the console until a key has been set, so please check that + you do set a key before upgrading if you use the console. + + For further details read: + https://blog.powerdns.com/2018/07/10/dnsdist-1-3-2-released/ + 20180704: AFFECTS: users of www/gitlab AUTHOR: mfechner@FreeBSD.org |