while looking for something else I noticed that dnsdist has a security
update ("On a 32-bit system, the pointer arithmetic used when parsing
the received response to remove that record might trigger an undefined
behavior leading to a crash"), is this port update ok?https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-01.html Index: Makefile =================================================================== RCS file: /cvs/ports/net/dnsdist/Makefile,v retrieving revision 1.7 diff -u -p -r1.7 Makefile --- Makefile 26 Jul 2017 22:45:27 -0000 1.7 +++ Makefile 1 Sep 2017 14:37:03 -0000 @@ -2,14 +2,12 @@ COMMENT= highly DNS-, DoS- and abuse-aware loadbalancer -DISTNAME= dnsdist-1.1.0 +DISTNAME= dnsdist-1.2.0 EXTRACT_SUFX= .tar.bz2 -REVISION= 1 - CATEGORIES= net -HOMEPAGE= http://dnsdist.org/ +HOMEPAGE= https://dnsdist.org/ MAINTAINER= Peter van Dijk <peter.van.d...@powerdns.com> @@ -25,7 +23,8 @@ AUTOCONF_VERSION= 2.69 USE_GMAKE= Yes CONFIGURE_ARGS+= --disable-hardening \ - --with-lua + --with-lua \ + --without-net-snmp CONFIGURE_ENV+= CPPFLAGS="-I${LOCALBASE}/include" \ LDFLAGS="-L${LOCALBASE}/lib" \ LIBEDIT_LIBS='-ledit -lcurses' \ Index: distinfo =================================================================== RCS file: /cvs/ports/net/dnsdist/distinfo,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 distinfo --- distinfo 15 Jan 2017 17:13:33 -0000 1.1.1.1 +++ distinfo 1 Sep 2017 14:37:03 -0000 @@ -1,2 +1,2 @@ -SHA256 (dnsdist-1.1.0.tar.bz2) = tKHokxttBaJElPVCJCEcDeDusfX/Fw9rn1ZlIZv+r8I= -SIZE (dnsdist-1.1.0.tar.bz2) = 874837 +SHA256 (dnsdist-1.2.0.tar.bz2) = mIXJ7orHB2rt5YbqWNRkLrh357LXbJAiVElOKlpfqng= +SIZE (dnsdist-1.2.0.tar.bz2) = 876104 Index: patches/patch-configure_ac =================================================================== RCS file: /cvs/ports/net/dnsdist/patches/patch-configure_ac,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 patch-configure_ac --- patches/patch-configure_ac 15 Jan 2017 17:13:33 -0000 1.1.1.1 +++ patches/patch-configure_ac 1 Sep 2017 14:37:03 -0000 @@ -1,7 +1,8 @@ $OpenBSD: patch-configure_ac,v 1.1.1.1 2017/01/15 17:13:33 sthen Exp $ ---- configure.ac.orig Thu Jan 12 21:38:07 2017 -+++ configure.ac Thu Jan 12 21:38:11 2017 -@@ -81,7 +81,7 @@ PROGRAM_LDFLAGS="$PIE_LDFLAGS $PROGRAM_LDFLAGS" +Index: configure.ac +--- configure.ac.orig ++++ configure.ac +@@ -82,7 +82,7 @@ PROGRAM_LDFLAGS="$PIE_LDFLAGS $PROGRAM_LDFLAGS" AC_SUBST([PROGRAM_LDFLAGS]) AC_SUBST([AM_CPPFLAGS], Index: patches/patch-ext_json11_json11_cpp =================================================================== RCS file: patches/patch-ext_json11_json11_cpp diff -N patches/patch-ext_json11_json11_cpp --- patches/patch-ext_json11_json11_cpp 27 May 2017 06:21:43 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,41 +0,0 @@ -$OpenBSD: patch-ext_json11_json11_cpp,v 1.1 2017/05/27 06:21:43 espie Exp $ -nullptrs are not comparable. patch from FreeBSD - -Index: ext/json11/json11.cpp ---- ext/json11/json11.cpp.orig -+++ ext/json11/json11.cpp -@@ -37,11 +37,21 @@ using std::make_shared; - using std::initializer_list; - using std::move; - -+/* Helper for representing null - just a do-nothing struct, plus comparison -+ * operators so the helpers in JsonValue work. We can't use nullptr_t because -+ * it may not be orderable. -+*/ -+ -+struct NullStruct { -+ bool operator==(NullStruct) const { return true; } -+ bool operator<(NullStruct) const { return false; } -+}; -+ - /* * * * * * * * * * * * * * * * * * * * - * Serialization - */ - --static void dump(std::nullptr_t, string &out) { -+static void dump(NullStruct, string &out) { - out += "null"; - } - -@@ -204,9 +214,9 @@ class JsonObject final : public Value<Json::OBJECT, Js - explicit JsonObject(Json::object &&value) : Value(move(value)) {} - }; - --class JsonNull final : public Value<Json::NUL, std::nullptr_t> { -+class JsonNull final : public Value<Json::NUL, NullStruct> { - public: -- JsonNull() : Value(nullptr) {} -+ JsonNull() : Value({}) {} - }; - - /* * * * * * * * * * * * * * * * * * * *
