Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver.
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers
to cause a denial of service (program "croak") via a crafted DNS
response (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6341). Packet
parsing routines are now enclosed in eval blocks to trap exception
and avoid premature termination of user program.
Used ideas from:
PR: ports/120702
Submitted by: Felippe de Meirelles Motta <lippemail@gmail.com>
directly frobbing packets or calling Net::DNS::RR->new_from_data()
(which you should not be doing anyway) then you should read the changelog
carefully and review/test your code before committing to this version.
2. Remove support for old Perl.
functionality for DLV/DNSSEC.
2. Add virtual category ipv6
3. Add OPTIONS for IPV6, enabled by default.
4. Fix the test for WITH_IPV6, and move it out of the test for
${PERL_LEVEL} < 500800. On my system, the IPv6 libraries are not
(any longer?) installed by default with Perl 5.8. The test is
harmless if the libraries are there in any case, so remove the
pointless micro-optiimiztion.
of this module later than 0.49, you should definitely upgrade, as
this version fixes several bugs in the new code.
If running Perl < 5.6, make addition of the IPv6 modules optional
as 0.52 of this module fixes the bugs that made it mandatory.
gone into the live version.
Also, 0.50 grew a dependency on Net-IP which was not recorded in the
Changes file, so add that explicitly. This was mentioned by several
people, including the current Net-DNS author, and the PR.
PR: ports/82194
Submitted by: Helge Oldach <p5netdnsjun05@oldach.net>
actual substantive changes, 0.44 has some non-user-visible changes
to make CPAN.pm happy.
Power users of this module are encouraged to read the CHANGES file.
Most users shouldn't have problems with this upgrade.
Significant changes to the software:
1. Ongoing refinement of proper class inheritance/categorization.
2. Fix zone transfers with 'many-answer' format.
3. Finally "fixed" the .xs code, and accompanying Makefile.pl options
to work out of the box on both RELENG_4 and 5-current.
4. Added a Makefile.pl option to avoid the online tests.
5. Support for unknown RR types.
Changes to the port:
1. Take advantage of 3 and 4 above.
2. portlint doesn't like the word 'file' to appear in the Makefile, so
change it to 'doc' for the PORTDOCS install loop.
* Updated docs
* Net::DNS::Resolver now has unique classes for windows and unix
* You can now define a config file for the Resolver object
* Various other cleanups
If you were (bogusly) using module globals in your scripts, this
update is likely to break that, so take due precautions.
either the Makefile.PL script, or other, and offered nothing new
of interest.
This version has a more efficient dn_expand method, and adds a
warning that Resolver::axfr_old() is deprecated.
and multiple queries in one packet. Also some minor bug fixes for
Net::DNS::Resolver::Recurse and Net::DNS::Resolver::axfr_next().
Convert to ${SITE_PERL}
for detecting duplicate RR's in an update packet, and some more
tests. Note, the tests are not installed by the port, but are
useful to examine as samples, and to test your installation.
* Update the port to handle the new TKEY and FAQ files.
* Patch the new FAQ, since pod2man is choking on the CVS Id.
* Update the comment by mentioning dynamic updates.
* Add a comment to the Makefile about the harmless build errors
you see if you don't have the run-time depends already installed.
* The errors related to the missing dependencies during build are harmless.
The build-time and run-time dependencies are seperated on purpose so that
the port can be built and run on different boxes.
* The Test-Simple module is not needed to build or run the port, the
tests are not installed by us, and not part of the port itself.
These changes should have been discussed with me before they were made.
has some major performance enhancements, especially the streamlined
implementation of AUTOLOAD.
My brief tests indicate roughly a 30% reduction in module load time.
Added support for DNAME resource records.
Fixed edge case for queries that have no name.
Tighted up the regular expression used in Net::DNS::Resolver::cname_addr()