Convert to %autorelease and %autochangelog

Finish Paul's conversion to autorelease. Used rpmautospec convert to
migrate old part of changelog into a separate file. That should still
include old changelog entries in the package.

[skip changelog]

changelog

@@ -0,0 +1,917 @@
+* Thu Nov 02 2023 Petr Menšík <pemensik@redhat.com> - 1.19.0-1
+- Update to 1.19.0 (#2248686)
+
+* Wed Sep 06 2023 Petr Menšík <pemensik@redhat.com> - 1.18.0-2
+- Skip failing tests on ELN builds
+
+* Fri Sep 01 2023 Petr Menšík <pemensik@redhat.com> - 1.18.0-1
+- Update to 1.18.0 (#2236097)
+
+* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 1.17.1-3
+- Rebuilt for Python 3.12
+
+* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Fri Jan 13 2023 Paul Wouters <paul.wouters@aiven.io - 1.17.1-1
+- Resolved rhbz#2160397 unbound-1.17.1 is available (bugfix release)
+- Add support for building with redis
+
+* Thu Dec 01 2022 Petr Menšík <pemensik@redhat.com> - 1.17.0-2
+- Move unbound user creation to libs (#2149036)
+- Use systemd-sysusers for user creation (#2105416)
+- Keep original DNSSEC root key as config (#2132103)
+
+* Tue Nov 01 2022 Petr Menšík <pemensik@redhat.com> - 1.17.0-1
+- Update to 1.17.0 (#2134348)
+
+* Wed Oct 05 2022 Petr Menšík <pemensik@redhat.com> - 1.16.3-3
+- Correct issues made by unbound-anchor package split (#2110858)
+
+* Fri Sep 30 2022 Petr Menšík <pemensik@redhat.com> - 1.16.3-2
+- Update License tag to SPDX identifier
+
+* Fri Sep 23 2022 Petr Menšík <pemensik@redhat.com> - 1.16.3-1
+- Update to 1.16.3 (#2128638)
+
+* Tue Aug 09 2022 Paul Wouters <pwouters@redhat.com> - 1.16.2-3
+- sync up to upstream unbound.conf
+- Enable Extended DNS Error codes (RFC8914)
+
+* Tue Aug 09 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-2
+- Require openssl tool for unbound-keygen (#2116790)
+
+* Wed Aug 03 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-1
+- Update to 1.16.2 (#2105947) for CVE-2022-30698 and CVE-2022-30699
+
+* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.16.0-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Mon Jun 27 2022 Petr Menšík <pemensik@redhat.com> - 1.16.0-6
+- Move unbound-anchor to separate package
+- Move unbound-host and unbound-streamtcp to unbound-utils package
+
+* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 1.16.0-5
+- Rebuilt for Python 3.11
+
+* Tue Jun 07 2022 Petr Menšík <pemensik@redhat.com> - 1.16.0-4
+- Restart keygen service before every unbound start
+
+* Sat Jun 04 2022 Petr Menšík <pemensik@redhat.com> - 1.16.0-1
+- Update to 1.16.0
+
+* Tue Apr 26 2022 Petr Menšík <pemensik@redhat.com> - 1.15.0-3
+- Stop creating wrong devel manual pages (#2078929)
+
+* Wed Apr 20 2022 Petr Menšík <pemensik@redhat.com> - 1.15.0-2
+- Update icannbundle.pem
+
+* Tue Mar 29 2022 Petr Menšík <pemensik@redhat.com> - 1.15.0-1
+- Update to 1.15.0 (#2030608)
+
+* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Sat Nov 06 2021 Adrian Reber <adrian@lisas.de> - 1.13.2-4
+- Rebuilt for protobuf 3.19.0
+
+* Mon Oct 25 2021 Adrian Reber <adrian@lisas.de> - 1.13.2-3
+- Rebuilt for protobuf 3.18.1
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.13.2-2
+- Rebuilt with OpenSSL 3.0.0
+
+* Thu Aug 12 2021 Paul Wouters <paul.wouters@aiven.io> - 1.13.2-1
+- Resolves: rhbz#1992985 unbound-1.13.2 is available
+- Use system-wide crypto policies
+
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Wed Jun 02 2021 Python Maint <python-maint@redhat.com> - 1.13.1-7
+- Rebuilt for Python 3.10
+
+* Fri Apr 23 2021 Artem Egorenkov <aegorenk@redhat.com> - 1.13.1-6
+- Option --enable-linux-ip-local-port-range added to use system configured port range for libunbound on Linux
+- Resolves: rhbz#1935101
+
+* Tue Apr 13 2021 Paul Wouters <pwouters@redhat.com> - 1.13.1-5
+- Fix unbound.service to use After=network-online.target
+
+* Tue Apr 06 2021 Artem Egorenkov <aegorenk@redhat.com> - 1.13.1-4
+- Don't start unbound-anchor before unbound service if DISABLE_UNBOUND_ANCHOR
+  environment variable equals to "yes"
+
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.13.1-3
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
+
+* Mon Feb 15 2021 Victor Stinner <vstinner@python.org> - 1.13.1-2
+- Fix build on Python 3.10 (rhbz#1889726).
+
+* Wed Feb 10 2021 Paul Wouters <pwouters@redhat.com> - 1.13.1-1
+- Resolves rhbz#1860887 unbound-1.13.1 is available
+- Fixup unbound.conf
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Dec 10 2020 Petr Menšík <pemensik@redhat.com> - 1.13.0-1
+- Update to 1.13.0
+
+* Tue Oct 13 2020 Petr Menšík <pemensik@redhat.com> - 1.12.0-1
+- Update to 1.12.0 (#1860887)
+
+* Tue Sep 15 2020 Petr Menšík <pemensik@redhat.com> - 1.10.1-5
+- Move command line tools to utils subpackage
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1.10.1-3
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Fri May 22 2020 Miro Hrončok <mhroncok@redhat.com> - 1.10.1-2
+- Rebuilt for Python 3.9
+
+* Tue May 19 2020 Paul Wouters <pwouters@redhat.com> - 1.10.1-1
+- Resolves: rhbz#1837279 unbound-1.10.1 is available
+- Resolves: rhbz#1837598 CVE-2020-12662 unbound: insufficient control of network message volume leads to DoS
+- Resolves: rhbz#1837609 CVE-2020-12663 unbound: infinite loop via malformed DNS answers received from upstream servers
+- Updated unbound.conf for new options in 1.10.1
+
+* Wed Apr 29 2020 Paul Wouters <pwouters@redhat.com> - 1.10.0-3
+- Resolves: rhbz#1667742 SELinux is preventing unbound from 'name_bind' accesses on the udp_socket port 61000.
+
+* Thu Apr 16 2020 Artem Egorenkov <aegorenk@redhat.com> - 1.10.0-2
+- Resolves: rhbz#1824536 unbound crash
+
+* Thu Mar 19 2020 Petr Menšík <pemensik@redhat.com> - 1.10.0-1
+- Update to 1.10.0 (#1805199)
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Dec 13 2019 Paul Wouters <pwouters@redhat.com> - 1.9.6-1
+- Resolves: rhbz#1758107 unbound-1.9.5 is available
+- Resolves: CVE-2019-18934
+
+* Fri Nov 01 2019 Paul Wouters <pwouters@redhat.com> - 1.9.4-1
+- Fix build on rhel/centos systems
+- Resolves: rhbz#1767955 (CVE-2019-16866) uninitialized memory accesses leads to crash via a crafted NOTIFY query
+
+* Thu Sep 26 2019 Petr Menšík <pihhan@gmail.com> - 1.9.3-2
+- Obsolete no longer provided python2 subpackage (#1749400)
+
+* Tue Aug 27 2019 Paul Wouters <pwouters@redhat.com> - 1.9.3-1
+- Updated to 1.9.3
+- Resolves: rhbz#1672578 unbound-1.9.2 is available
+- Resolves: rhbz#1694831 [/usr/lib/tmpfiles.d/unbound.conf:1] Line references path below legacy directory /var/run/
+- Resolves: rhbz# 1667387 [abrt] unbound: memmove(): unbound killed by SIGABRT
+
+* Thu Aug 22 2019 Miro Hrončok <mhroncok@redhat.com> - 1.8.3-8
+- Subpackage python2-unbound has been removed
+  See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
+
+* Thu Aug 15 2019 Miro Hrončok <mhroncok@redhat.com> - 1.8.3-7
+- Rebuilt for Python 3.8
+
+* Mon Aug  5 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.8.3-6
+- Drop install-time requirements on systemd (#1723777)
+
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.3-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jan 11 2019 Paul Wouters <pwouters@redhat.com> - 1.8.3-3
+- Remove KSK-2010 from configs - it has been revoked
+
+* Wed Dec 12 2018 Paul Wouters <pwouters@redhat.com> - 1.8.3-2
+- Another dns64 fixup
+
+* Wed Dec 12 2018 Paul Wouters <pwouters@redhat.com> - 1.8.3-1
+- Updated to 1.8.3 with fixes the dns64 bug and has some other minor fixes
+
+* Mon Dec 10 2018 Paul Wouters <pwouters@redhat.com> - 1.8.2-2
+- Fix dns64 allocation in wrong region for returned internal queries.
+
+* Tue Dec 04 2018 Paul Wouters <pwouters@redhat.com> - 1.8.2-1
+- Updated to 1.8.2.
+- Enabled deny ANY query support and edns-tcp-keepalive
+- Set serve-stale timeout to 4h
+- Updated unbound.conf for latest options
+
+* Mon Oct 22 2018 Petr Menšík <pemensik@redhat.com> - 1.8.1-2
+- Allow group by default to unbound-control (#1640259)
+
+* Mon Oct 08 2018 Petr Menšík <pemensik@redhat.com> - 1.8.1-1
+- Update to 1.8.1
+
+* Mon Oct 01 2018 Petr Menšík <pemensik@redhat.com> - 1.8.0-2
+- Skip ipv6 forwarders without ipv6 support (#1633874)
+
+* Wed Sep 19 2018 Petr Menšík <pemensik@redhat.com> - 1.8.0-1
+- Rebase to 1.8.0
+
+* Tue Aug 14 2018 Paul Wouters <pwouters@redhat.com> - 1.7.3-9
+- Fix for restarting unbound service after deleting key/pem files for remote control
+
+* Tue Jul 31 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-8
+- Release memory in unbound-host
+
+* Mon Jul 23 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-7
+- Remove unused Group tag
+
+* Wed Jul 18 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-6
+- Cleanup generated client and server keys (#1601773)
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Mon Jul 09 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-4
+- Do not call ldconfig if possible
+
+* Wed Jul 04 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-3
+- Update trust anchors also behind firewall (#1598078)
+
+* Mon Jul 02 2018 Miro Hrončok <mhroncok@redhat.com> - 1.7.3-2
+- Rebuilt for Python 3.7
+
+* Wed Jun 27 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-1
+- Update to 1.7.3 (#1593708)
+
+* Wed Jun 27 2018 Petr Menšík <pemensik@redhat.com> - 1.7.2-3
+- Remove last python2 dependency from python3 build
+
+* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 1.7.2-2
+- Rebuilt for Python 3.7
+
+* Mon Jun 11 2018 Paul Wouters <pwouters@redhat.com> - 1.7.2-1
+- Resolves rhbz#1589807 unbound-1.7.2 is available
+- Add patch to fix stub/forward zone not returning ServFail when TTL expires
+- Enabled the new root-key-sentinel option
+
+* Wed May 30 2018 Petr Menšík <pemensik@redhat.com> - 1.7.1-1
+- Update to 1.7.1 (#1574495)
+
+* Mon Apr 09 2018 Petr Menšík <pemensik@redhat.com> - 1.7.0-5
+- Require gcc and make on build
+- Remove group, simplify systemd requires
+- Simplify building with single python version, make python3 primary
+
+* Mon Apr 09 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-4
+- Patch for prefetching after flushing cache
+
+* Fri Apr 06 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-3
+- Patch for referral with auth-zone: response
+
+
+* Wed Mar 21 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-2
+- Patch for broken Aggressive NSEC + stub-zone configuration causing NXDOMAIN at TTL expiry
+
+* Thu Mar 15 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-1
+- Updated to 1.7.0 (aggressive nsec, local root support, bugfixes)
+
+* Thu Feb 22 2018 Petr Menšík <pemensik@redhat.com> - 1.6.8-6
+- Uncomment again original max-upd-size
+
+* Wed Feb 21 2018 Petr Menšík <pemensik@redhat.com> - 1.6.8-5
+- Use default RPM build flags and configure parameters (#1539097)
+
+* Wed Feb 21 2018 Petr Menšík <pemensik@redhat.com> - 1.6.8-4
+- Remove group writable bit from some config files (#1528445)
+
+* Wed Feb 14 2018 Filipe Rosset <rosset.filipe@gmail.com> - 1.6.8-3
+- rebuilt due new libevent 2.1.8
+
+* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.6.8-2
+- Escape macros in %%changelog
+
+* Mon Jan 22 2018 Paul Wouters <pwouters@redhat.com> - 1.6.8-1
+- Resolves rhbz#1483572 unbound-1.6.8 is available
+- Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records
+- Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all]
+
+* Sun Dec 17 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.6.7-2
+- Python 2 binary package renamed to python2-unbound
+  See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
+
+* Thu Oct 12 2017 Paul Wouters <pwouters@redhat.com> - 1.6.7-1
+- Updated to 1.6.7 (minor bugfixes)
+
+* Tue Oct 03 2017 Petr Menšík <pemensik@redhat.com> - 1.6.6-3
+- Update icannbundle.pem
+
+* Mon Oct 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-2
+- Enable RFC 8145 Trust Anchor Signaling to help the root zone get keytag statistics
+
+* Fri Sep 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-1
+- Resolves: rhbz#1483572 unbound-1.6.6 is available
+- Resolves: rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook (edit)
+
+* Wed Aug 16 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-4
+- Rebuilt with KSK2017 added to root.key and root.anchor
+- Remove noreplace for root key files. We can only improve these files over local copies
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Sun Jul 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-1
+- Updated to 1.6.4 full release, patch to allow missing ipsechook
+- Resolves rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook
+
+* Thu Jun 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-0.rc2
+- Update to 1.6.4 (esubnet, ipsecmod support, bugfixes)
+
+* Tue Jun 13 2017 Paul Wouters <pwouters@redhat.com> - 1.6.3-1
+- Updated to 1.6.3 (fixes assertion failure when receiving malformed packet with 0x20 enabled)
+
+* Thu Jun 08 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-2
+- Patch for cmd: unbound-control set_option val-permissive-mode: yes
+
+* Wed Apr 26 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-1
+- Update to 1.6.2 (rhbz#1425649)
+- Updated unbound.conf with new options
+
+* Wed Mar 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-6
+- Call make unbound-event-install to install unbound-event.h
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Wed Jan 18 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-4
+- Remove obsoleted DLV key
+
+* Mon Jan 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-3
+- Actually remove dependency because minimum is always satisfied
+
+* Mon Jan 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-2
+- Depend on openssl-libs, not opensl
+
+* Wed Dec 21 2016 Kevin Fenzi <kevin@scrye.com> - 1.6.0-1
+- Update to 1.6.0
+
+* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 1.5.10-3
+- Rebuild for Python 3.6
+
+* Wed Oct 26 2016 Ilya Evseev <evseev.i@cdnnow.ru> - 1.5.10-2
+- Bugfix building without python2 and python3
+- Fixup streamtcp build (Paul)
+
+* Tue Sep 27 2016 Paul Wouters <pwouters@redhat.com> - 1.5.10-1
+- Updated to 1.5.10 (better TCP handling, bugfixes)
+- Install pkgconfig file in -devel package
+- Updated unbound.conf
+
+* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.9-4
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Thu Jul 07 2016 Paul Wouters <pwouters@redhat.com> - 1.5.9-3
+- Fix upper port range to 60999 because that's what selinux allows
+
+* Thu Jun 16 2016 Paul Wouters <pwouters@redhat.com> - 1.5.9-2
+- Patch for allowing more queries before failure (needed for query minimalization)
+
+* Mon Jun 13 2016 Paul Wouters <pwouters@redhat.com> - 1.5.9-1
+- Updated to 1.5.9
+
+* Thu Apr 21 2016 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5.8-2
+- Fix streamtcp to link against libpython3.x instead of libpython2.x
+
+* Wed Mar 02 2016 Paul Wouters <pwouters@redhat.com> - 1.5.8-1
+- Update to 1.5.8 (rhbz#1313831) which incorporates rhbz#1294339 patch
+- Updated unbound.conf with new upstream options
+- Enabled ip-transparent: yes (see rhbz#1291449)
+
+* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Jan 21 2016 Tomas Hozza <thozza@redhat.com> - 1.5.7-2
+- Fix escaping of shell chars in unbound-control-setup (#1294339)
+
+* Fri Dec 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.7-1
+- Update to 1.5.7
+- Enable query minimalization for enhanced DNS query privacy
+- Enable nxdomain hardening to assist with query minimalization and SBLs
+- Updated default unbound.conf for new features from upstream.
+
+* Fri Nov 13 2015 Tomas Hozza <thozza@redhat.com> - 1.5.6-1
+- Update to 1.5.6 (#1176729)
+
+* Wed Nov 04 2015 Robert Kuska <rkuska@redhat.com> - 1.5.5-2
+- Rebuilt for Python3.5 rebuild
+
+* Wed Oct 07 2015 Tomas Hozza <thozza@redhat.com> - 1.5.5-1
+- New upstream release 1.5.5 (#1269137)
+- Removed the anchor update from %%post section of -libs subpackage (#1269137#c2)
+
+* Tue Sep 15 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-5
+- Removed dependency and ordering on unbound-anchor.service in unbound.service
+
+* Thu Sep 03 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-4
+- Prefer Python3 build over Python2 build for now (#1254566)
+
+* Mon Jul 20 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-3
+- Added ExecReload section to unbound.service (#1195785)
+- Removed After syslog.target since it is not needed any more
+
+* Thu Jul 16 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-2
+- Start unbound-anchor.timer only on new installations
+- Rename root.anchor to root.key in %%post section
+
+* Tue Jul 14 2015 Paul Wouters <pwouters@redhat.com> - 1.5.4-1
+- Update to 1.5.4
+- Removed patches merged into upstream
+
+* Tue Jun 16 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-8
+- Revert: Use low maximum negative cache TTL (5 sec) (#1229596)
+
+* Mon Jun 15 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-7
+- Add option for maximum negative cache TTL (#1229599)
+- Use low maximum negative cache TTL (5 sec) (#1229596)
+
+* Tue May 26 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-6
+- Removed usage of DLV from the default configuration (#1223363)
+
+* Wed May 13 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-5
+- unbound.service now Wants unbound-anchor.timer
+- unbound-anchor man page moved to the unbound-libs
+
+* Mon May 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.3-4
+- Fixup scriptlets causing systemctl: command not found
+- Resolves rhbz#1219587 Error in PREIN scriptlet in rpm package unbound-libs
+
+* Mon Apr 27 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-3
+- migrate cronjob to systemd timer unit (#1177285)
+- change the period for unbound-anchor from monthly to daily (#1180267)
+- Thanks to Tomasz Torcz <ttorcz@fedoraproject.org> for the initial patch
+
+* Thu Apr 16 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-2
+- Fix FTBFS (#1206129)
+- Build python3-unbound and python-unbound bindings for Python 3 and 2 (#1188080)
+
+* Mon Mar 16 2015 Paul Wouters <pwouters@redhat.com> - 1.5.3-1
+- Updated to 1.5.3 which is a bugfix on 1.5.2 for sighup handling
+- Updated to 1.5.2 which fixes DNSSEC validation with different
+  trust anchors upstream, local-zone has a new keyword 'inform'
+
+* Mon Feb 02 2015 Paul Wouters <pwouters@redhat.com> - 1.5.1-4
+- Build with --enable-ecdsa
+
+* Sun Feb 01 2015 Paul Wouters <pwouters@redhat.com> - 1.5.1-3
+- Fix post to create root.anchor, not root.key, to match cron job
+
+* Tue Dec 09 2014 Paul Wouters <pwouters@redhat.com> - 1.5.1-2
+- Change systemd-units to systemd
+- Use _tmpfilesdir macro, don't mark tmpfiles as config
+
+* Tue Dec 09 2014 Paul Wouters <pwouters@redhat.com> - 1.5.1-1
+- Update to 1.5.1 for CVE-2014-8602 (rhbz#1172066)
+- Removed unbound-aarch64.patch which was merged upstream
+- Don't require autotools for non snapshots or run autoreconf
+
+* Fri Nov 28 2014 Tomas Hozza <thozza@redhat.com> - 1.5.1-0.1.rc1
+- update to 1.5.1rc1
+
+* Fri Nov 28 2014 Marcin Juszkiewicz <mjuszkiewicz@redhat.com> - 1.5.0-3
+- fix build on aarch64
+
+* Wed Nov 26 2014 Tomas Hozza <thozza@redhat.com> - 1.5.0-2
+- Fix race condition in arc4random (#1166878)
+
+* Wed Nov 19 2014 Tomas Hozza <thozza@redhat.com> - 1.5.0-1
+- update to 1.5.0
+
+* Wed Sep 24 2014 Pavel Šimerda <psimerda@redhat.com> - 1.4.22-6
+- Resolves: #1115489 - build with python 3.x for fedora >= 22
+
+* Thu Aug 21 2014 Kevin Fenzi <kevin@scrye.com> - 1.4.22-5
+- Rebuild for rpm bug 1131960
+
+* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.22-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.22-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Thu May 01 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-2
+- Added flushcache patch (SVN commit 3125)
+
+* Thu Mar 13 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-1
+- Updated to 1.4.22
+- No longer requires the ldns library
+
+* Thu Jan 16 2014 Tomas Hozza <thozza@redhat.com> - 1.4.21-3
+- Fix segfault on adding insecure forward zone when using only iterator (#1054192)
+
+* Mon Oct 21 2013 Tomas Hozza <thozza@redhat.com> - 1.4.21-2
+- run test suite during the build
+
+* Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1
+- Updated to 1.4.21,
+- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
+- Removed patched merged in by upstream
+- Enable statistics-cumulative for munin-plugin
+- Added outgoing-port-avoid: 0-32767 conformant to SElinux restrictions
+- Updated unbound.conf
+
+* Mon Aug 26 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-19
+- Fix errors found by static analysis of source
+
+* Mon Aug 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-18
+- Change unbound.conf to only use ephemeral ports (32768-65535)
+
+* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.20-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Mon Jul 22 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-16
+- provide man page for unbound-streamtcp
+
+* Mon Jul 08 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-15
+- Re-introduce hardening flags for full relro and pie
+- Fixes compilation failure for python module
+
+* Wed Jul 03 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-14
+- remove missing unbound-rootkey.service from post/preun/postun sections
+- don't hardcode hardening flags, let hardened build macro handles it
+
+* Sat Jun 01 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-13
+- Run unbound-anchor as user unbound in unbound.service
+
+* Tue May 28 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-12
+- Enable round-robin (with noths() patch)
+- Change cron and systemd service to use root.key, not root.anchor
+
+* Sat May 25 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-10
+- Use /var/lib/unbound/root.key (more consistent with other distros)
+- Enable minimal responses
+
+* Mon Apr 22 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-8
+- Refix
+
+* Fri Apr 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-7
+- Fix runuser call in post.
+
+* Tue Apr 16 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-6
+- /var/lib/unbound should be owned by unbound. group write is not enough
+
+* Fri Apr 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-5
+- Fix cron job syntax (rhbz#951725)
+- Use install -p to prevent .rpmnew files that are identical to originals
+
+* Mon Apr 8 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-4
+- Updated to 1.4.20
+- Build with full RELRO (not use -z,relro but with -z,relo,-z,now)
+- Fixup man page for unbound-control-setup
+- unbound.service should start before nss-lookup.target (rhbz#919955)
+- Removed patch for rhbz#888759 merged in upstream
+- Move root.anchor to /var/lib/unbound to make selinux policy easier for updating (rhbz#896599/rhbz#891008)
+- Move cronjob for root.anchor from unbound to unbound-libs, require crontabs
+- /etc/unbound (and all) should be owned by unbound-libs (rhbz#909691)
+- Remove Obsolete/Provides for dnssec-conf which was last seen in f13
+- Ensure any unbound-anchor failure in post is ignored
+
+* Tue Mar 05 2013 Adam Tkac <atkac redhat com> - 1.4.19-5
+- build with full RELRO
+- symlink unbound-control-setup.8 manpage to unbound-control.8
+
+* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.19-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Dec 12 2012 Paul Wouters <pwouters@redhat.com> - 1.4.19-3
+- Updated to 1.4.19 - this integrates all existing patches
+- Patch for unbound-anchor (rhbz#888759)
+
+* Fri Nov 09 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-6
+- Patch to ensure stube-zone's aren't lost when using dnssec-triggerd
+- added unbound-munin.README file
+
+* Wed Sep 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-5
+- Patch to allow wildcards in include: statements
+- Add directories /etc/unbound/keys.d,conf.d,local.d with
+  example entries
+- Added /etc/unbound/root.anchor, maintained by unbound-anchor
+  which is installed as monthly cron and PreExec in systemd config
+  (root.key is unused, but left installed in case people depend on it)
+- Native systemd (simple) and /etc/sysconfig/unbound support
+- Run unbound-checkconf in PreExec
+- Moved trust anchor related files to unbound-libs, as they can
+  be used without the daemon.
+- sub packages now depends on base package of same arch
+- Build munin package as noarch
+- unbound-anchor moved to unbound-libs package. It is needed
+  to update the root.anchor key file.
+
+* Tue Sep 04 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-3
+- Fix openssl thread locking bug under high query load
+
+* Thu Aug 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-2
+- Use new systemd-rpm macros (rhbz#850351)
+- Clean up old obsoleted dnssec-conf from < fedora 15
+
+* Fri Aug 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-1
+- Updated to 1.4.18 (FIPS related fixes mostly)
+- Removed patches that were merged in upstream
+- Added comment to root.key
+
+* Mon Jul 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-5
+- Fix for unbound crasher (upstream bug #452)
+- Support libunbound functions in man pages and place in -devel
+
+* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.17-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Tue Jul 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-3
+- unbound FIPS patches for MD5,randomness (rhbz#835106)
+
+* Fri Jun 15 2012 Adam Tkac <atkac redhat com> - 1.4.17-2
+- don't build unbound-munin on RHEL
+
+* Thu May 24 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-1
+- Updated to 1.4.17 (which mostly brings in patches we already
+  applied from svn trunk)
+
+* Wed Feb 29 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-3
+- Since the daemon links to the libs staticly, add Requires:
+  (this is rhbz#745288)
+- Package up streamtcp as unbound-streamtcp (for monitoring)
+
+* Mon Feb 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-2
+- Don't ghost the directory (rhbz#788805)
+- Patch for unbound to support unbound-control forward_zone
+  (needed for openswan in XAUTH mode)
+
+* Thu Feb 02 2012 Paul Wouters <paul@nohats.ca> - 1.4.16-1
+- Upgraded to 1.4.16, which was relesed due to the soname
+  and some DNSSEC validation failures
+
+* Wed Feb 01 2012 Paul Wouters <paul@nohats.ca> - 1.4.15-2
+- Patch for SONAME version (libtool's -version-number vs -version-info)
+
+* Fri Jan 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.15-1
+- Upgraded to 1.4.15
+- Updated unbound.conf to show how to configure listening on tls443
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.14-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Mon Dec 19 2011 Paul Wouters <paul@cypherpunks.ca> - 1.4.14-1
+- Upgraded to 1.4.14 for CVE-2011-4528 / VU#209659
+- SSL-wrapped query support for dnssec-trigger
+- EDNS handling changes
+- Removed integrated EDNS patches
+- Disabled use-caps-for-id, GoDaddy domains now break on it
+- Enabled new harden-below-nxdomain
+
+* Thu Sep 15 2011 Paul Wouters <paul@xelerance.com> - 1.4.13-1
+- Upgraded to 1.4.13
+- Removed merged in pythonmod patch
+- Added EDNS1480 patch to fix unbound on broken EDNS/UDP networks
+- Fix python to go into sitearch instead of sitelib
+
+* Wed Sep 14 2011 Tom Callaway <spot@fedoraproject.org> - 1.4.12-4
+- convert to systemd, tmpfiles.d
+
+* Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-3
+- Added pythonmod docs and examples
+
+* Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-2
+- Fix for python module load in the server (Tom Hendrikx)
+- No longer enable --enable-debug as it causes degraded  performance
+  under load.
+
+* Mon Jul 18 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-1
+- Updated to 1.4.12
+
+* Sun Jul 03 2011 Paul Wouters <paul@xelerance.com> - 1.4.11-1
+- Updated to 1.4.11
+- removed integrated CVE patch
+- updated stock unbound.conf for new options introduced
+
+* Mon Jun 06 2011 Paul Wouters <paul@xelerance.com> - 1.4.10-1
+- Added ghost for /var/run/unbound (bz#656710)
+
+* Mon Jun 06 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-3
+- rebuilt
+
+* Wed May 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-2
+- Applied patch for CVE-2011-1922 DoS vulnerability
+
+* Sun Mar 27 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-1
+- Updated to 1.4.9
+
+* Sat Feb 12 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-2
+- rebuilt
+
+* Tue Jan 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-1
+- Updated to 1.4.8
+- Enable root key for DNSSEC
+- Fix unbound-munin to use proper file (could cause excessive logging)
+- Build unbound-python per default
+- Disable gost as Fedora/EPEL does not allow ECC and has mangled openssl
+
+* Tue Oct 26 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-4
+- Revert last build - it was on the wrong branch
+
+* Tue Oct 26 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-3
+- Disable do-ipv6 per default - causes severe degradation on non-ipv6 machines
+  (see comments in inbound.conf)
+
+* Tue Jun 15 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-2
+- Bump release - forgot to upload the new tar ball.
+
+* Tue Jun 15 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-1
+- Upgraded to 1.4.5
+
+* Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-2
+- Added accidentally omitted svn patches to cvs
+
+* Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-1
+- Upgraded to 1.4.4 with svn patches
+- Obsolete dnssec-conf to ensure it is de-installed
+
+* Thu Mar 11 2010 Paul Wouters <paul@xelerance.com> - 1.4.3-1
+- Update to 1.4.3 that fixes 64bit crasher
+
+* Tue Mar 09 2010 Paul Wouters <paul@xelerance.com> - 1.4.2-1
+- Updated to 1.4.2
+- Updated unbound.conf with new options
+- Enabled pre-fetching DNSKEY records (DNSSEC speedup)
+- Enabled re-fetching popular records before they expire
+- Enabled logging of DNSSEC validation errors
+
+* Mon Mar 01 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-5
+- Overriding -D_GNU_SOURCE is no longer needed. This fixes DSO issues
+  with pthreads
+
+* Wed Feb 24 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-3
+- Change make/configure lines to attempt to fix -lphtread linking issue
+
+* Thu Feb 18 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-2
+- Removed dependancy for dnssec-conf
+- Added ISC DLV key (formerly in dnssec-conf)
+- Fixup old DLV locations in unbound.conf file via %%post
+- Fix parent child disagreement handling and no-ipv6 present [svn r1953]
+
+* Tue Jan 05 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-1
+- Updated to 1.4.1
+- Changed %%define to %%global
+
+* Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-2
+- Bump version
+
+* Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-1
+- Upgraded to 1.3.4. Security fix with validating NSEC3 records
+
+* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.3.3-2
+- rebuilt with new openssl
+
+* Mon Aug 17 2009 Paul Wouters <paul@xelerance.com> - 1.3.3-1
+- Updated to 1.3.3
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-2
+- Added missing glob patch to cvs
+- Place python macros within the %%with_python check
+
+* Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-1
+- Updated to 1.3.0
+- Added unbound-python sub package. disabled for now
+- Patch from svn to fix DLV lookups
+- Patches from svn to detect wrong truncated response from BIND 9.6.1 with
+  minimal-responses)
+- Added Default-Start and Default-Stop to unbound.init
+- Re-enabled --enable-sha2
+- Re-enabled glob.patch
+
+* Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-7
+- unbound-iterator.patch was not commited
+
+* Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-6
+- Fix for https://bugzilla.redhat.com/show_bug.cgi?id=499793
+
+* Tue Mar 17 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-5
+- Use --nocheck to avoid giving an error on missing unbound-remote certs/keys
+
+* Tue Mar 10 2009 Adam Tkac <atkac redhat com> - 1.2.1-4
+- enable DNSSEC only if it is enabled in sysconfig/dnssec
+
+* Mon Mar 09 2009 Adam Tkac <atkac redhat com> - 1.2.1-3
+- add DNSSEC support to initscript and enabled it per default
+- add requires dnssec-conf
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Tue Feb 10 2009 Paul Wouters <paul@xelerance.com - 1.2.1-1
+- updated to 1.2.1
+
+* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.0-2
+- rebuild with new openssl
+
+* Wed Jan 14 2009 Paul Wouters <paul@xelerance.com - 1.2.0-1
+- Updated to 1.2.0
+- Added dependancy on minimum SSL for CVE-2008-5077
+- Added dependancy on bc for unbound-munin
+- Added minimum requirement of libevent 1.4.5. Crashes with older versions
+  (note: libevent is stale in EL-4 and not in EL-5, needs fixing there)
+- Removed dependancy on selinux-policy (will get used when available)
+- Enable options as per draft-wijngaards-dnsext-resolver-side-mitigation-00.txt
+- Enable unwanted-reply-threshold to mitigate against a Kaminsky attack
+- Enable val-clean-additional to drop addition unsigned data from signed
+  response.
+- Removed patches (got merged into upstream)
+
+* Mon Jan  5 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-7
+- Modified scandir patch to silently fail when wildcard matches nothing
+- Patch to allow unbound-checkconf to find empty wildcard matches
+
+* Mon Jan  5 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-6
+- Added scandir patch for trusted-keys-file: option, which
+  is used to load multiple dnssec keys in bind file format
+
+* Mon Dec  8 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-4
+- Added Requires: for selinux-policy >= 3.5.13-33 for proper SElinux rules.
+
+* Mon Dec  1 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-3
+- We did not own the /etc/unbound directory (#474020)
+- Fixed cvs anomalies
+
+* Fri Nov 28 2008 Adam Tkac <atkac redhat com> - 1.1.1-2
+- removed all obsolete chroot related stuff
+- label control certs after generation correctly
+
+* Thu Nov 20 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-1
+- Updated to unbound 1.1.1 which fixes a crasher and
+  addresses nlnetlabs bug #219
+
+* Wed Nov 19 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-3
+- Remove the chroot, obsoleted by SElinux
+- Add additional munin plugin links supported by unbound plugin
+- Move configuration directory from /var/lib/unbound to /etc/unbound
+- Modified unbound.init and unbound.conf to account for chroot changes
+- Updated unbound.conf with new available options
+- Enabled dns-0x20 protection per default
+
+* Wed Nov 19 2008 Adam Tkac <atkac redhat com> - 1.1.0-2
+- unbound-1.1.0-log_open.patch
+  - make sure log is opened before chroot call
+  - tracked as http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=219
+- removed /dev/log and /var/run/unbound and /etc/resolv.conf from
+  chroot, not needed
+- don't mount files in chroot, it causes problems during updates
+- fixed typo in default config file
+
+* Fri Nov 14 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-1
+- Updated to version 1.1.0
+- Updated unbound.conf's statistics options and remote-control
+  to work properly for munin
+- Added unbound-munin package
+- Generate unbound remote-control  key/certs on first startup
+- Required ldns is now 1.4.0
+
+* Wed Oct 22 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-5
+- Only call ldconfig in -libs package
+- Move configure into build section
+- devel subpackage should only depend on libs subpackage
+
+* Tue Oct 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-4
+- Fix CFLAGS getting lost in build
+- Don't enable interface-automatic:yes because that
+  causes unbound to listen on 0.0.0.0 instead of 127.0.0.1
+
+* Sun Oct 19 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-3
+- Split off unbound-libs, make build verbose
+
+* Thu Oct  9 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-2
+- FSB compliance, chroot fixes, initscript fixes
+
+* Thu Sep 11 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-1
+- Upgraded to 1.0.2
+
+* Wed Jul 16 2008 Paul Wouters <paul@xelerance.com> - 1.0.1-1
+- upgraded to new release
+
+* Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-2
+- Build against ldns-1.3.0
+
+* Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-1
+- Split of -devel package, fixed dependancies, make rpmlint happy
+
+* Fri Apr 25 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.12
+- Using parts from ports collection entry by Jaap Akkerhuis.
+- Using Fedoraproject wiki guidelines.
+
+* Wed Apr 23 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.11
+- Initial version.

unbound.spec

@@ -31,7 +31,7 @@
 Summary: Validating, recursive, and caching DNS(SEC) resolver
 Name: unbound
 Version: 1.19.0
-Release: 1%{?extra_version:.%{extra_version}}%{?dist}
+Release: %autorelease %{?extra_version:-e %{extra_version}}
 License: BSD-3-Clause
 Url: https://nlnetlabs.nl/projects/unbound/
 Source: https://nlnetlabs.nl/downloads/%{name}/%{name}-%{version}%{?extra_version}.tar.gz
@@ -500,7 +500,4 @@ popd
 %{_mandir}/man1/unbound-*
 
 %changelog
-* Thu Nov 02 2023 Petr Menšík <pemensik@redhat.com> - 1.19.0-1
-- Update to 1.19.0 (#2248686)
-
 %autochangelog