rpms/unbound
7
0
Fork 0
Code Issues Pull Requests Releases Activity
278 Commits 7 Branches 35 Tags 1.1 MiB
06f08e4505
Commit Graph

232 Commits

Author SHA1 Message Date
Paul Wouters
06f08e4505 * Mon Apr 09 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-4 
- Patch for prefetching after flushing cache
 2018-04-09 11:10:41 +02:00
Paul Wouters
bdec72db18 * Fri Apr 06 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-3 
- Patch for referral with auth-zone: response
 2018-04-06 17:01:26 +02:00
Paul Wouters
7760424284 - Patch for broken Aggressive NSEC + stub-zone configuration causing NXDOMAIN at TTL expiry 2018-03-21 22:01:22 +00:00
Paul Wouters
5a52aae95e * Thu Mar 15 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-1 
- Updated to 1.7.0 (aggressive nsec, local root support, bugfixes)
 2018-03-15 17:56:52 -04:00
Petr Menšík
1b9764fb5a Revert "Improve config formatting" 
This reverts commit 3d0bac0df2.

Uncomment again commented out value and bump version.

Comment by Paul Wouters:
The value of 3072 was tailored to cause a failure for ANY requries to isc.org,
which are used a lot by attackers. Now with 4096,
it will fit and the query can be abused again to
cause amplification with that popular dns query.
 2018-02-22 11:05:25 +01:00
Petr Menšík
ba13eb790b Bump the spec instead, previous is already built 2018-02-21 19:55:03 +01:00
Petr Menšík
26cbcabb59 Use default RPM build flags and configure parameters (#1539097) 2018-02-21 19:49:44 +01:00
Petr Menšík
14fc685097 Remove group write permission to installed examples 2018-02-21 11:41:22 +01:00
Filipe Rosset
2cd4f499ad - rebuilt due new libevent 2.1.8 2018-02-14 21:55:14 -02:00
Igor Gnatenko
2883f3f78c
Escape macros in %changelog 
Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-09 09:06:27 +01:00
Paul Wouters
6a2501df2d * Mon Jan 22 2018 Paul Wouters <pwouters@redhat.com> - 1.6.8-1 
- Resolves rhbz#1483572 unbound-1.6.8 is available
- Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records
- Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all]
 2018-01-22 14:26:50 -05:00
Zbigniew Jędrzejewski-Szmek
bced8e7019 Python 2 binary package renamed to python2-unbound 2017-12-17 12:47:15 -05:00
Paul Wouters
4c89c2a677 - Updated to 1.6.7 (minor bugfixes) 2017-10-12 00:49:47 -04:00
Petr Menšík
3c9b28d8d6 Update icannbundle.pem 2017-10-03 16:19:36 +02:00
Paul Wouters
594dd4101a - Enable RFC 8145 Trust Anchor Signaling to help the root zone get keytag statistics 2017-10-02 16:52:53 -04:00
Paul Wouters
115c5666a2 * Fri Sep 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-1 
- Resolves: rhbz#1483572 unbound-1.6.6 is available
- Resolves: rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook (edit)
 2017-09-22 12:47:01 -04:00
genodeftest
8906a869c6 Update upstream URL and use HTTPS where possible 
According to https://www.nlnetlabs.nl/projects/unbound/, unbound project URL has moved to the new address.
 2017-09-06 18:46:25 +00:00
Paul Wouters
39e1d789fa * Wed Aug 16 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-4 
- Rebuilt with KSK2017 added to root.key and root.anchor
- Remove noreplace for root key files. We can only improve these files over local copies
 2017-08-16 14:02:44 -04:00
Fedora Release Engineering
f7b2da0bf0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-03 09:46:08 +00:00
Fedora Release Engineering
46d2764132 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 20:57:58 +00:00
Paul Wouters
82db9e94c2 * Sun Jul 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-1 
- Updated to 1.6.4 full release, patch to allow missing ipsechook
- Resolves rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook
 2017-07-02 13:46:10 +02:00
Paul Wouters
07097d2518 - Update to 1.6.4 (esubnet, ipsecmod support, bugfixes) 2017-06-22 16:34:47 -04:00
Paul Wouters
7d28caf1f9 - Updated to 1.6.3 (fixes assertion failure when receiving malformed packet with 0x20 enabled) 2017-06-13 14:20:12 -04:00
Paul Wouters
a1c71a375c - Patch for cmd: unbound-control set_option val-permissive-mode: yes 2017-06-08 15:44:41 -04:00
Paul Wouters
a57c3b8b64 * Wed Apr 26 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-1 
- Update to 1.6.2 (rhbz#1425649)
- Updated unbound.conf with new options
 2017-04-26 21:46:09 -04:00
Paul Wouters
1d0203d0e6 only call install once doing both actions 2017-03-22 12:41:12 -04:00
Paul Wouters
3e1303eda9 - Call make unbound-event-install to install unbound-event.h 2017-03-21 22:19:44 -04:00
Fedora Release Engineering
2e01d6cda8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 16:42:20 +00:00
Paul Wouters
9f873e2e1a fixup dlv/root key install 2017-01-18 12:41:19 -05:00
Paul Wouters
d83b37c251 - Remove obsoleted DLV key 2017-01-18 12:04:34 -05:00
Paul Wouters
791e5b5f56 - Actually remove dependency because minimum is always satisfied 
(and otherwise we need a %{isa} requirement)
 2017-01-02 17:24:43 -05:00
Paul Wouters
6be4d94c08 Depend on openssl-libs, not opensl 2017-01-02 14:30:14 -05:00
Kevin Fenzi
652f3fa496 Update to 1.6.0 2016-12-21 12:15:01 -07:00
Miro Hrončok
67a4fff523 Rebuild for Python 3.6 2016-12-19 18:20:38 +01:00
Paul Wouters
83df90d678 * Wed Oct 26 2016 Ilya Evseev <evseev.i@cdnnow.ru> - 1.5.10-2 
- Bugfix building without python2 and python3
- Fixup streamtcp build (Paul)

Signed-off-by: Paul Wouters <pwouters@redhat.com>
 2016-11-04 10:32:18 +05:30
Paul Wouters
be41633bf0 * Tue Sep 27 2016 Paul Wouters <pwouters@redhat.com> - 1.5.10-1 
- Updated to 1.5.10 (better TCP handling, bugfixes)
- Install pkgconfig file in -devel package
- Updated unbound.conf
 2016-09-27 19:26:26 -04:00
Fedora Release Engineering
b2ddf2a810 - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages 2016-07-19 13:04:34 +00:00
Paul Wouters
a147b9358d - Fix upper port range to 60999 because that's what selinux allows 2016-07-07 19:22:06 +03:00
Paul Wouters
b0dab5d25d - Patch for allowing more queries before failure (needed for query minimalization) 2016-06-16 09:29:16 -04:00
Paul Wouters
eb8bec78f6 - Updated to 1.5.9 2016-06-13 11:26:30 -04:00
Toshio Kuratomi
cfb4c4d4ca Fix streamtcp to link against libpython3.x instead of libpython2.x 2016-04-21 16:53:58 -07:00
Paul Wouters
e76827e11e update changelog line 2016-03-02 12:39:04 -05:00
Paul Wouters
8e51532c90 * Wed Mar 02 2016 Paul Wouters <pwouters@redhat.com> - 1.5.8-1 
- Update to 1.5.8 which incorporates rhbz#1294339 fix
- Updated unbound.conf with new upstream options
- Enabled ip-transparent: yes (see rhbz#1291449)
 2016-03-02 12:35:36 -05:00
Fedora Release Engineering
5f261fac04 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-05 02:19:55 +00:00
Tomas Hozza
aa8e8f6541 Fix escaping of shell chars in unbound-control-setup (#1294339) 2016-01-21 12:35:02 +01:00
Paul Wouters
ec26998079 * Fri Dec 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.7-1 
- Update to 1.5.7
- Enable query minimalization for enhanced DNS query privacy
- Enable nxdomain hardening to assist with query minimalization and SBLs
- Updated default unbound.conf for new features from upstream.
 2015-12-11 10:06:07 -05:00
Tomas Hozza
86e8e4801e Update to 1.5.6 (#1176729) 2015-11-13 15:20:08 +01:00
Robert Kuska
3247f52bf4 Rebuilt for Python3.5 rebuild 2015-11-04 12:56:16 +01:00
Tomas Hozza
63b277e028 New upstream release 1.5.5 (#1269137) 
- Removed the anchor update from %post section of -libs subpackage (#1269137#c2)

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2015-10-07 17:04:36 +02:00
Tomas Hozza
bbc56d0b27 Removed dependency and ordering on unbound-anchor.service in unbound.service 
Once ntpdate.service is fixed to order itself After nss-lookup.target,
there will be an ordering loop. To reproduce this do:

[root@notas ~]# yum -y install unbound ntpdate chrony
[root@notas ~]# systemctl enable ntpdate.service chronyd.service unbound-anchor.timer unbound.service unbound-anchor.service
[root@notas ~]# systemd-analyze verify /usr/lib/systemd/system/*

And then in the output you can find:
Found ordering cycle on ntpdate.service/stop
Found dependency on nss-lookup.target/start
Found dependency on unbound.service/start
Found dependency on unbound-anchor.service/start
Found dependency on unbound-anchor.timer/start
Found dependency on time-sync.target/start
Found dependency on chrony-wait.service/stop
Found dependency on chronyd.service/stop
Found dependency on ntpdate.service/stop

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2015-09-15 14:44:53 +02:00