Commit Graph

198 Commits

Author SHA1 Message Date
Paul Wouters
1b364a79c9 * Thu May 01 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-2
- Added flushcache patch (SVN commit 3125)
2014-05-01 10:12:56 -04:00
Paul Wouters
5f65c3ce7c Merge branch 'master' of ssh://pkgs.fedoraproject.org/unbound
Conflicts:
	unbound.spec
2014-03-13 21:48:56 -04:00
Paul Wouters
035078ba01 * Thu Mar 13 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-1
- Updated to 1.4.22
- No longer requires the ldns library
2014-03-13 21:44:08 -04:00
Tomas Hozza
79ada299ec Fix segfault on adding insecure forward zone when using only iterator (#1054192)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-01-16 19:57:06 +01:00
Tomas Hozza
1321c082e2 run test suite during the build
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-10-21 11:58:51 +02:00
Paul Wouters
24ebb22384 unbound.conf: also add outgoing-port-avoid: 0-32767 to ensure we
don't hit the SElinux restrictions of ephemeral ports
2013-09-19 10:25:20 -04:00
Paul Wouters
90b7fa1c7e * Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1
- Updated to 1.4.21,
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
- Removed patched merged in by upstream
- Enable statistics-cumulative for munin-plugin
- Updated unbound.conf
2013-09-19 10:21:30 -04:00
Paul Wouters
720e14aefa fix old date 2013-09-19 10:01:10 -04:00
Tomas Hozza
46f5a8d1d5 Fix errors found by static analysis of source
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-08-26 15:50:38 +02:00
Paul Wouters
97c849787b Merge branch 'master' of ssh://pkgs.fedoraproject.org/unbound
Conflicts:
	unbound.spec
2013-08-12 11:56:28 -04:00
Paul Wouters
cfcdefa766 * Mon Aug 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-16
- Change unbound.conf to only use ephemeral ports (32768-65535)
2013-08-12 11:55:20 -04:00
Dennis Gilmore
98184a59cc - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-04 00:32:18 -05:00
Tomas Hozza
308ffc60bc provide man page for unbound-streamtcp
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-07-22 09:33:13 +02:00
Paul Wouters
5bca060465 * Mon Jul 08 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-15
- Re-introduce hardening flags for full relro and pie
- Fixes compilation failure for python module
2013-07-08 15:53:04 -04:00
Paul Wouters
0f4cecfaa6 Revert "don't hardcode hardening flags, let hardened build macro handles it"
This reverts commit f577e323b0.

The reason is two-fold. It causes the unbound daemon to have less security
(no full relro, no PIE) and it failed to compile for me at all on f19,
failing with:

	checking consistency of all components of python development environment... no
2013-07-08 15:48:24 -04:00
Tomas Hozza
f577e323b0 don't hardcode hardening flags, let hardened build macro handles it
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-07-03 15:25:13 +02:00
Tomas Hozza
b3131e6051 remove missing unbound-rootkey.service from post/preun/postun sections
Also remove initscript from repo, since it is not needed any more.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-07-03 15:22:48 +02:00
Paul Wouters
113e33794a * Sat Jun 01 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-13
- Run unbound-anchor as user unbound in unbound.service
2013-05-31 23:53:15 -04:00
Paul Wouters
6fff6fa4e6 *bump evr 2013-05-28 18:14:20 -04:00
Paul Wouters
3f230f2522 * fixup unbound.conf and the service file to use root.key, not root.anchor 2013-05-28 18:06:00 -04:00
Paul Wouters
3ee340512c * bump evr 2013-05-28 17:25:51 -04:00
Paul Wouters
2dbdb36bf9 * add unbound-1.4.20-roundrobin.patch 2013-05-28 17:24:24 -04:00
Paul Wouters
6ac27d6e17 * bump version, use more common root.key (not root.anchor) 2013-05-25 13:45:48 -04:00
Paul Wouters
6d2a1ea7ef * Don't copy the unbound.anchor into /etc/unbound 2013-05-24 16:49:57 -04:00
Paul Wouters
259a0ee4dc +* Tue May 21 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-9
- Use /var/lib/unbound/root.anchor (more consistent with other distros)
- Enable round-robin (with noths() patch)
- Enable minimal responses
2013-05-24 16:42:52 -04:00
Paul Wouters
463a11e746 * refix the runuser command in %post 2013-04-22 11:51:40 -04:00
Paul Wouters
179f964c04 * fix runuser call in post 2013-04-19 11:40:58 -04:00
Paul Wouters
2f81455df4 * Tue Apr 16 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-6
- /var/lib/unbound should be owned by unbound. group write is not enough
2013-04-16 21:30:41 -04:00
Paul Wouters
e1ae447acf * install uses -p, not -a 2013-04-12 19:57:45 -04:00
Paul Wouters
92f8605409 * Fri Apr 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-5
- Fix cron job syntax (rhbz#951725)
- Use install -a to prevent .rpmnew files that are identical to originals
2013-04-12 19:39:09 -04:00
Paul Wouters
938672c248 * fixup hardening, incorporating remaining buzilla items 2013-04-11 13:12:28 -04:00
Paul Wouters
a7bd8d0fd1 * bump release 2013-04-08 17:45:47 -04:00
Paul Wouters
84b927f0cc * bump for space fix 2013-04-08 17:44:53 -04:00
Paul Wouters
41fd112537 udpated changelog 2013-04-08 11:59:58 -04:00
Paul Wouters
b591aebdf2 * add Requires: crontabs for unbound-libs 2013-04-08 11:56:45 -04:00
Paul Wouters
2d358950a3 * use %{_sharedstatedir}/unbound for root key 2013-04-08 11:51:59 -04:00
Paul Wouters
709024d8d5 Merge branch 'master' of ssh://pkgs.fedoraproject.org/unbound
Conflicts:
	unbound.spec
2013-04-08 11:05:38 -04:00
Paul Wouters
79e69dc533 * move/rename root key to /var/lib/unbound/root.key 2013-04-08 11:04:39 -04:00
Paul Wouters
f2c4fe0294 * update changelog 2013-04-08 10:53:49 -04:00
Paul Wouters
6d7184e9c8 * move root.anchor to /var/lib/unbound 2013-04-08 10:52:51 -04:00
Paul Wouters
b9ddae3b26 * update to 1.4.20 2013-03-21 16:07:08 -04:00
Adam Tkac
0f03662997 Build with full RELRO and symlink unbound-control-setup.8 manpage to unbound-control.8
Signed-off-by: Adam Tkac <atkac@redhat.com>
2013-03-05 16:24:17 +01:00
Dennis Gilmore
d6a62e25ba - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild 2013-02-14 20:26:05 -06:00
Paul Wouters
0ab380f115 * -2 was a flawed build, bump again 2012-12-20 15:24:06 -05:00
Paul Wouters
41e5fb9115 * bump 2012-12-20 15:22:59 -05:00
Paul Wouters
d5df5a5afd bump version 2012-12-20 15:09:21 -05:00
Paul Wouters
cb4a1dc6c8 *add patch for #888759 2012-12-20 13:36:24 -05:00
Paul Wouters
c7ac0a0adb * release was -2 instead of -1 2012-12-12 18:25:41 -05:00
Paul Wouters
86feacb2f6 * update to 1.4.19 2012-12-12 08:51:45 -05:00
Paul Wouters
a574083b54 * Fri Nov 09 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-6
- Patch to ensure stube-zone's aren't lost when using dnssec-triggerd
- added unbound-munin.README file
2012-11-10 17:03:02 -05:00
Paul Wouters
daed88d0ec * Added unbound-munin.README 2012-11-10 12:03:14 -05:00
Paul Wouters
06648b78ed * added unbound-1.4.18-stub-hole.patch 2012-11-09 12:36:35 -05:00
Paul Wouters
570b1daab2 - unbound-anchor moved to unbound-libs package. It is needed
to update the root.anchor key file.
2012-11-03 18:55:14 -04:00
Paul Wouters
6a27d5e317 * put the munin define in the right location 2012-11-03 18:44:12 -04:00
Paul Wouters
0062f43896 * fixup cvs anomalies :( 2012-11-03 17:44:41 -04:00
Paul Wouters
b6e4e1c6e6 remove duplicate source line 2012-11-03 17:34:49 -04:00
Paul Wouters
a7ba25e01c * various unbound fixed
- sub packages now depends on base package of same arch
- Build munin package as noarch
- systemd does not handle empty env vars properly
2012-11-03 17:33:45 -04:00
Paul Wouters
a7f7f61a06 Merge branch 'master' of ssh://pkgs.fedoraproject.org/unbound
Conflicts:
	unbound.spec
2012-11-03 17:32:35 -04:00
Paul Wouters
90deaa6495 * add unbound-anchor support and more flexible config directories 2012-11-03 17:12:29 -04:00
Paul Wouters
c4f62ca05e * add anchor support and more flexible config directories 2012-11-03 13:05:24 -04:00
Paul Wouters
95ed9b464e * remove temp ulimit call to get core on build system. 2012-09-26 18:08:08 -04:00
Paul Wouters
63b4d75846 * missing patch3 2012-09-26 13:08:55 -04:00
Paul Wouters
6f8d333aae * Wed Sep 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-4
- Patch to allow wildcards in include: statements
- Add directories /etc/unbound/keys.d,conf.d,local.d with
  example entries
2012-09-26 12:38:51 -04:00
Paul Wouters
43af8615e5 * Temp add ulimit to code on build system 2012-09-06 11:00:02 -04:00
Paul Wouters
63b8685833 * Tue Sep 04 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-3
- Fix openssl thread locking bug under high query load
2012-09-04 14:14:02 -04:00
Paul Wouters
8c4f681b8d * Thu Aug 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-2
- Use new systemd-rpm macros (rhbz#850351)
- Clean up old obsoleted dnssec-conf from < fedora 15
2012-08-23 14:40:49 -04:00
Paul Wouters
0d6241b192 - added comment to root.key file 2012-08-05 09:10:11 -04:00
Paul Wouters
136c5eb822 * Fri Aug 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-1
- Updated to 1.4.18 (FIPS related fixes mostly)
- Removed patches that were merged in upstream
2012-08-03 15:38:16 -04:00
Paul Wouters
8580858b0c * Mon Jul 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-5
- Fix for unbound crasher (upstream bug #452)
- Support libunbound functions in man pages and place in -devel
2012-07-23 13:37:51 -04:00
Dennis Gilmore
6b10e8014b - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-21 20:41:00 -05:00
Paul Wouters
943f80f422 slightly reword changelog - add rhbz# 2012-07-03 11:58:40 -04:00
Paul Wouters
9cc8f6adf8 * Tue Jul 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-3
- unbound FIPS patches for lack of md5, and randomness
2012-07-03 11:37:57 -04:00
Adam Tkac
0a7dcbe0ca Don't build unbound-munin on RHEL
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-06-15 14:37:47 +02:00
Paul Wouters
18cdf892ca * Update unbound to 1.4.17 2012-05-24 13:36:44 -04:00
Paul Wouters
236e44ada3 * Wed Feb 29 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-3
- Since the daemon links to the libs staticly, add Requires:
  (this is rhbz#745288)
- Package up streamtcp as unbound-streamtcp (for monitoring)
2012-02-29 12:44:32 -05:00
Paul Wouters
5458f44889 * Add change for next release 2012-02-27 21:19:58 -05:00
Paul Wouters
6920848c7e * Mon Feb 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-2
- Don't ghost the directory (rhbz#788805)
- Patch for unbound to support unbound-control forward_zone
  (needed for openswan in XAUTH mode)
2012-02-27 21:03:44 -05:00
Paul Wouters
62096c1a2d * Thu Feb 02 2012 Paul Wouters <paul@nohats.ca> - 1.4.16-1
- Upgraded to 1.4.16, which was relesed due to the soname
  and some DNSSEC validation failures
2012-02-02 10:00:37 -05:00
Paul Wouters
1637b0e712 * Wed Feb 01 2012 Paul Wouters <paul@nohats.ca> - 1.4.15-2
- Patch for SONAME version (libtool's -version-number vs -version-info)
2012-01-31 21:09:27 -05:00
Paul Wouters
3bde9d279c * Fri Jan 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.15-1
- Upgraded to 1.4.15
- Updated unbound.conf to show how to configure listening on tls443
2012-01-27 12:08:41 -05:00
Dennis Gilmore
1b9b4dc191 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-14 01:30:46 -06:00
Paul Wouters
9af263621b * Mon Dec 19 2011 Paul Wouters <paul@cypherpunks.ca> - 1.4.14-1
- Upgraded to 1.4.14 for CVE-2011-4528 / VU#209659
- SSL-wrapped query support for dnssec-trigger
- EDNS handling changes
- Removed integrated EDNS patches
- Disabled use-caps-for-id, GoDaddy domains now break on it
- Enabled new harden-below-nxdomain
2011-12-19 10:29:22 -05:00
Paul Wouters
d576f6ecc2 * update version/changelog for unbound 1.4.14 2011-12-19 10:04:11 -05:00
Paul Wouters
0bd071a0d7 * brainfart on sitearch 2011-09-15 14:04:40 -04:00
Paul Wouters
157674d4dd * Fix python to go into archlib instead of sitelib 2011-09-15 13:45:22 -04:00
Paul Wouters
d8a37a0637 Merge branch 'master' of ssh://pkgs.fedoraproject.org/unbound
Conflicts:
	unbound.spec
2011-09-15 13:30:00 -04:00
Paul Wouters
5023789b72 * Thu Sep 15 2011 Paul Wouters <paul@xelerance.com> - 1.4.13-1
- Upgraded to 1.4.13
- Removed merged in pythonmod patch
- Added EDNS1480 patch to fix unbound on broken EDNS/UDP networks
2011-09-15 13:19:04 -04:00
Tom "spot" Callaway
a5236243e9 convert to systemd 2011-09-14 16:20:56 -04:00
Paul Wouters
c11a13d55f * Bump release 2011-08-08 18:49:10 -04:00
Paul Wouters
026f7df935 * Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-3
- Added pythonmod docs and examples
2011-08-08 18:39:54 -04:00
Paul Wouters
446ddec917 * Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-2
- Fix for python module load in the server (Tom Hendrikx)
- No longer enable --enable-debug as it causes degraded  performance
  under load.
2011-08-08 18:02:05 -04:00
Paul Wouters
087b8ded39 * Updated to unbound 1.4.12 2011-07-18 23:44:31 -04:00
Paul Wouters
e0c8cdaf6a * Sun Jul 03 2011 Paul Wouters <paul@xelerance.com> - 1.4.11-1
- Updated to 1.4.11
- removed integrated CVE patch
- updated stock unbound.conf for new options introduced
2011-07-03 18:16:09 -04:00
Paul Wouters
ff840b581b new version of unbound. add #ghost on /var/run file 2011-06-06 22:07:26 -04:00
Paul Wouters
e74f680c47 * Wed May 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-2
- Applied patch for CVE-2011-1922 DoS vulnerability
2011-05-25 15:18:44 -04:00
Paul Wouters
1eeebaf90f added missing files-attr-not-set 2011-03-27 11:55:53 +02:00
Paul Wouters
bff1fb771e updated to 1.4.9 2011-03-27 11:08:46 +02:00
Paul Wouters
df40db990f * Sat Feb 12 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-2
- rebuilt
2011-02-12 13:01:38 -05:00
Paul Wouters
4c0de488f0 * Tue Jan 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-1
- Updated to 1.4.8
- Enable root key for DNSSEC
- Fix unbound-munin to use proper file (could cause excessive logging)
- Build unbound-python per default
- Disable gost as Fedora/EPEL does not allow ECC and has mangled openssl
2011-01-25 20:56:16 -05:00
Paul Wouters
ebb8bd324a - Revert last build - it was on the wrong branch 2010-10-26 11:20:05 -04:00