rpms/unbound
7
0
Fork 0
Code Issues Pull Requests Releases Activity
309 Commits 7 Branches 35 Tags 1.1 MiB
42a7ed2926
Commit Graph

309 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paul Wouters
42a7ed2926 - Updated to 1.8.3 with fixes the dns64 bug and has some other minor fixes 2018-12-11 22:07:23 -05:00
Paul Wouters
6e953c2adb - Fix dns64 allocation in wrong region for returned internal queries. 2018-12-10 15:10:31 -05:00
Paul Wouters
901f4a3b5b new sources 2018-12-04 14:10:46 -05:00
Paul Wouters
2cd0b94125 * Tue Dec 04 2018 Paul Wouters <pwouters@redhat.com> - 1.8.2-1 
- Updated to 1.8.2.
- Enabled deny ANY query support and edns-tcp-keepalive
- Set serve-stale timeout to 4h
- Updated unbound.conf for latest options
 2018-12-04 13:58:11 -05:00
Petr Menšík
9d074af91d Allow group by default to unbound-control (#1640259) 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-10-22 16:16:09 +02:00
Petr Menšík
3d0c001d3e Update to 1.8.1 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-10-08 18:30:41 +02:00
Petr Menšík
b3942245cb - Fix #4188: IPv6 forwarders without ipv6 result in SERVFAIL, fixes 
qname minimisation with a forwarder when connectivity has issues
      from rejecting responses.

Resolves: rhbz#1633874
 2018-10-01 20:11:11 +02:00
Petr Menšík
787382dfd5 Reset release and add changelog 2018-09-19 22:41:32 +02:00
Petr Menšík
b3bb4ed3ea Rebase to 1.8.0 
Remove all patches accepted upstream
 2018-09-17 15:30:23 +02:00
Paul Wouters
80badab047 - Ensure if even one of the required files is missing, to restart the keyservice 2018-08-14 22:16:28 -04:00
Paul Wouters
9e1a4984a2 - Fix for restarting unbound service after deleting key/pem files for remote control 2018-08-13 21:36:37 -04:00
Paul Wouters
d7f53648f5 Ensure keygen service is restart as part of the unbound service restart 
So if the admin deletes the key/pem files, a systemctl restart unbound
still works (and generates new key/pem files)
 2018-08-13 21:35:40 -04:00
Petr Menšík
e60bea7ca0 Release memory in unbound-host 
triggered by command:
unbound-host -r -t any -v localhost.
 2018-07-31 15:49:56 +02:00
Petr Menšík
6bacf118fb Remove unused patches from repo 2018-07-30 15:34:30 +02:00
Petr Menšík
b1834b1932 Remove unused Group tag 2018-07-23 18:33:13 +02:00
Petr Menšík
dbae66e0fe Cleanup generated client and server keys (#1601773) 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-07-18 11:26:09 +02:00
Fedora Release Engineering
2c03912e4c - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-14 08:12:44 +00:00
Petr Menšík
f4f56550cc - Do not call ldconfig if possible 
- Use systemd macros also for library
 2018-07-09 21:32:23 +02:00
Petr Menšík
985c6a75ed Prefer local resolvers over direct root access. Enables successful trust 
anchor updates also when no direct queries are available, but local
resolvers support dnssec. Fixes bug #1598078
 2018-07-04 12:42:14 +02:00
Miro Hrončok
f39c7483df Rebuilt for Python 3.7 2018-07-02 18:24:21 +02:00
Petr Menšík
e9c5e93a5b Update sources to 1.7.3 2018-06-27 11:40:56 +02:00
Petr Menšík
d062cd9952 Update to 1.7.3 (#1593708) 2018-06-27 11:33:18 +02:00
Petr Menšík
631ffb8d75 Remove last python2 dependency from python3 build 2018-06-27 11:10:36 +02:00
Miro Hrončok
157c83d87f Rebuilt for Python 3.7 2018-06-19 11:29:56 +02:00
Paul Wouters
6361da5b33 add unbound-1.7.2-stub-fwd-ttl.patch 2018-06-11 16:56:20 -04:00
Paul Wouters
e9cb729533 * Mon Jun 11 2018 Paul Wouters <pwouters@redhat.com> - 1.7.2-1 
- Resolves rhbz#1589807 unbound-1.7.2 is available
- Add patch to fix stub/forward zone not returning ServFail when TTL expires
- Enabled the new root-key-sentinel option
 2018-06-11 16:49:15 -04:00
Petr Menšík
749ca6b65b Update to 1.7.1 (#1574495) 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-05-30 21:08:03 +02:00
Petr Menšík
f81c94bdec Fix disabled python versions in non-Fedora builds 2018-04-09 16:50:39 +02:00
Petr Menšík
749ab1486e Make primary python3 version, but install it last 2018-04-09 11:56:51 +02:00
Petr Menšík
1b283a2c9d Simplify building with single python version 2018-04-09 11:51:39 +02:00
Petr Menšík
20982803c9 Require gcc and make on build 
Remove group, simplify systemd requires

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-04-09 11:35:15 +02:00
Paul Wouters
06f08e4505 * Mon Apr 09 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-4 
- Patch for prefetching after flushing cache
 2018-04-09 11:10:41 +02:00
Paul Wouters
bdec72db18 * Fri Apr 06 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-3 
- Patch for referral with auth-zone: response
 2018-04-06 17:01:26 +02:00
Paul Wouters
7760424284 - Patch for broken Aggressive NSEC + stub-zone configuration causing NXDOMAIN at TTL expiry 2018-03-21 22:01:22 +00:00
Paul Wouters
5a52aae95e * Thu Mar 15 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-1 
- Updated to 1.7.0 (aggressive nsec, local root support, bugfixes)
 2018-03-15 17:56:52 -04:00
Petr Menšík
1b9764fb5a Revert "Improve config formatting" 
This reverts commit 3d0bac0df2.

Uncomment again commented out value and bump version.

Comment by Paul Wouters:
The value of 3072 was tailored to cause a failure for ANY requries to isc.org,
which are used a lot by attackers. Now with 4096,
it will fit and the query can be abused again to
cause amplification with that popular dns query.
 2018-02-22 11:05:25 +01:00
Petr Menšík
ba13eb790b Bump the spec instead, previous is already built 2018-02-21 19:55:03 +01:00
Petr Menšík
26cbcabb59 Use default RPM build flags and configure parameters (#1539097) 2018-02-21 19:49:44 +01:00
Petr Menšík
3d0bac0df2 Improve config formatting 2018-02-21 11:41:24 +01:00
Petr Menšík
14fc685097 Remove group write permission to installed examples 2018-02-21 11:41:22 +01:00
Filipe Rosset
2cd4f499ad - rebuilt due new libevent 2.1.8 2018-02-14 21:55:14 -02:00
Igor Gnatenko
2883f3f78c
Escape macros in %changelog 
Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-09 09:06:27 +01:00
Paul Wouters
6a2501df2d * Mon Jan 22 2018 Paul Wouters <pwouters@redhat.com> - 1.6.8-1 
- Resolves rhbz#1483572 unbound-1.6.8 is available
- Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records
- Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all]
 2018-01-22 14:26:50 -05:00
Zbigniew Jędrzejewski-Szmek
bced8e7019 Python 2 binary package renamed to python2-unbound 2017-12-17 12:47:15 -05:00
Paul Wouters
4c89c2a677 - Updated to 1.6.7 (minor bugfixes) 2017-10-12 00:49:47 -04:00
Petr Menšík
3c9b28d8d6 Update icannbundle.pem 2017-10-03 16:19:36 +02:00
Paul Wouters
594dd4101a - Enable RFC 8145 Trust Anchor Signaling to help the root zone get keytag statistics 2017-10-02 16:52:53 -04:00
Paul Wouters
115c5666a2 * Fri Sep 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-1 
- Resolves: rhbz#1483572 unbound-1.6.6 is available
- Resolves: rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook (edit)
 2017-09-22 12:47:01 -04:00
genodeftest
8906a869c6 Update upstream URL and use HTTPS where possible 
According to https://www.nlnetlabs.nl/projects/unbound/, unbound project URL has moved to the new address.
 2017-09-06 18:46:25 +00:00
Paul Wouters
39e1d789fa * Wed Aug 16 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-4 
- Rebuilt with KSK2017 added to root.key and root.anchor
- Remove noreplace for root key files. We can only improve these files over local copies
 2017-08-16 14:02:44 -04:00