ChangeLog: https://gitlab.labs.nic.cz/knot/knot-dns/raw/v3.2.9/NEWS
Improvements:
-------------
* keymgr: 'import-pkcs11' not allowed if no PKCS #11 keystore backend is
configured
* keymgr: more verbose key import errors
* doc: extended migration notes
* doc: various improvements
Bugfixes:
---------
* knotd: server may crash when storing changeset of a big zone migrating
to/from NSEC3
* knotd: zone refresh loop when all masters are outdated and timers cleared
* knotd: failed to active D-Bus notifications if not started as systemd service
* kjournalprint: database transaction not properly closed when terminated
prematurely
PR: 272752
Reported by: freebsd@dns.company (maintainer)
ChangeLog: https://blog.powerdns.com/2023/07/07/authoritative-server-4-8-1
New Features
* lmdb: add backend commands for checking & refreshing indexes
Improvements
* lmdb: in Lightning Stream mode, during deleteDomain, use RW transaction to
get ID list
* Stop using the now deprecated ERR_load_CRYPTO_strings() to detect OpenSSL
* Work around Red Hat 8 pooping the bed in OpenSSL’s headers
Bug Fixes
* YaHTTP: Prevent integer overflow on very large chunks
PR: 272476
Reported by: tremere@cainites.net (maintainer)
Saturday, 8 July 2023
KDE today announces the release of KDE Frameworks 5.108.0.
KDE Frameworks are 83 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well
tested libraries with friendly licensing terms. For an introduction see
the KDE Frameworks release announcement.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement: https://kde.org/announcements/frameworks/5/5.108.0/
PR: 272435
Exp-run by: antoine
Replace GL_COMMIT by GL_TAGNAME in all ports. The new GL_TAGNAME is
backwards-compatible (accepting any commit hash as before), but also
understands an actual tag name. Moving to tag names where appropriate is
left to individual ports' maintainers.
Approved by: portmgr (tcberner, mentor)
Differential Revision: https://reviews.freebsd.org/D37077
ChangeLog: https://gitlab.nic.cz/knot/knot-dns/raw/v3.2.8/NEWS
Improvements:
-------------
* kdig: malformed messages are parsed and printed using a best-effort approach
* python: new dname from wire initialization
Bugfixes:
---------
* knotd: missing outgoing NOTIFY upon refresh if one of more primaries is up-to-date
* knotd: journal loop detection can prevent zone from loading
* knotd: cryptic error message when journal is full #842
* knotd: failed to query catalog zone over UDP
* configure: libngtcp2 check wrongly requires version 0.13.0 instead of 0.13.1
PR: 272222
Reported by: clukas@firc.de
Approved by: freebsd@dns.company (maintainer)
ChangeLog: https://blog.powerdns.com/2023/06/30/powerdns-recursor-4-9-0-released
* The performance impact of metrics collection has been reduced by using
lock-free non-atomic thread-local counters.
* The packet cache is sharded and shared by all threads.
* The TTL of negative answers in the packet cache can now be controlled
separately from positive and failure answers.
* The rec_control trace_regex command writes the generated trace information to
a specified file instead of the general log. The trace information contains
more precise timestamps and DNSSEC validation information.
* If extended-resolution-errors is enabled EDNS errors are now generated in
more cases, specifically when authoritative servers for a zone are
unreachable or when synthesising answers by e.g. using the aggressive NSEC
cache.
* The aggressive NSEC cache has been changed not to store NSEC3 entries which
cover only a small fraction of possible names. This also allows switching off
the aggressive cache for NSEC3 only.
* It is now possible to switch off root-refreshing completely.
* Proper handling of security policies that restrict the use of specific DNSSEC
algorithms on RHEL9 derived systems.
PR: 272343
Reported by: tremere@cainites.net (maintainer)
2023-06-30 dns/libdjbdns: No longer compliant with current DNS standards and source code hasn't been centrally managed for over 20 years
Approved by: portmgr (blanket)
2023-06-30 dns/djbdns: No longer compliant with current DNS standards and source code hasn't been centrally managed for over 20 years
Approved by: portmgr (blanket)
2023-06-30 dns/djbdns-tools: No longer compliant with current DNS standards and source code hasn't been centrally managed for over 20 years
Approved by: portmgr (blanket)
Saturday, 10 June 2023
KDE today announces the release of KDE Frameworks 5.107.0.
KDE Frameworks are 83 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well
tested libraries with friendly licensing terms. For an introduction see
the KDE Frameworks release announcement.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
PR: 272099
Exp-run by: antoine
This fixes the way OpenSSL is detected (it now uses a non-deprecated function),
which is not available anymore on 14.0-CURRENT. Doesn't change anything for
previous versions of FreeBSD.
PR: 272231
Reported by: tremere@cainites.net (maintainer)
This fixes the way OpenSSL is detected (it now uses a non-deprecated function),
which is not available anymore on 14.0-CURRENT. Doesn't change anything for
previous versions of FreeBSD.
PR: 272232
Reported by: tremere@cainites.net (maintainer)
ChangeLog: https://www.opendnssec.org/2023/06/opendnssec-2-1-13/
This release fixes a bug that affects both signer and enforcer command
line handling. Under heavy usage of the command line there was a small
change for a crash.
Furthermore there is a small behavioural change for users of the "keep"
policy. The back-off for retrying a sign task change is now equal to
the resign period in case the input file isn't available or updated.
This because users nearly always will emit an external sign command for
this period. This will reduce logging errors.
PR: 272254
Reported by: jaap@NLnetLabs.nl (maintainer)
* dnstable_convert: add -p option to not remove generated mtbl file
with no records.
* dnstable_convert: additional logging at startup and exit.
* dnstable_convert: increase file descriptor resource limit at startup.
* dnstable_unconvert: sort rdata values in "wdns_sort_rrset" order
for consistency with other dnstable data sources.
The problem fixed by patch-dnstable__convert.c has been fixed upstream.
Sponsored by: DomainTools LLC
The logic in USES=python will automatically convert this to 3.8+ by
itself.
Adjust two ports that only had Python 3.7 mentioned but build fine
on Python 3.8 too.
finance/quickfix: mark BROKEN with PYTHON
libtool: compile: c++ -DHAVE_CONFIG_H -I. -I../.. -I -I. -I.. -I../.. -I../C++ -DLIBICONV_PLUG -DPYTHON_MAJOR_VERSION=3 -Wno-unused-variable -Wno-maybe-uninitialized -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -fno-strict-aliasing -DLIBICONV_PLUG -Wall -ansi -Wno-unused-command-line-argument -Wpointer-arith -Wwrite-strings -Wno-overloaded-virtual -Wno-deprecated-declarations -Wno-deprecated -std=c++0x -MT _quickfix_la-QuickfixPython.lo -MD -MP -MF .deps/_quickfix_la-QuickfixPython.Tpo -c QuickfixPython.cpp -fPIC -DPIC -o .libs/_quickfix_la-QuickfixPython.o
warning: unknown warning option '-Wno-maybe-uninitialized'; did you mean '-Wno-uninitialized'? [-Wunknown-warning-option]
QuickfixPython.cpp:175:11: fatal error: 'Python.h' file not found
^~~~~~~~~~
1 warning and 1 error generated.
Reviewed by: portmgr, vishwin, yuri
Differential Revision: <https://reviews.freebsd.org/D40568>
