rpms/unbound
7
0
Fork 0
Code Issues Pull Requests Releases Activity
409 Commits 7 Branches 38 Tags 1.1 MiB
b28b38c26e
Commit Graph

85 Commits

Author SHA1 Message Date
Petr Menšík
9f47e3244e Update to 1.20.0 
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-20-0

Resolves: RHEL-36025
 2024-07-02 18:47:08 +02:00
Petr Menšík
d389610bfb Update to 1.19.0 (#2248686) 
- New disable-edns-do option

Changes:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-19-0
https://lists.nlnetlabs.nl/pipermail/unbound-users/2023-November/008186.html
 2023-11-10 14:23:28 +01:00
Petr Menšík
249e1d5601 Update to 1.18.0 
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-18-0

- NAT64 support
- Downstream DNS cookies
- EDE caching
- Set max-udp-size default to 1232

Resolves: rhbz#2236097
 2023-09-01 11:05:19 +02:00
Paul Wouters
ff081b069f
update sources 2023-01-13 19:23:47 -05:00
Petr Menšík
1da004f437 Update to 1.17.0 (#2134348) 
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-17-0

New Features:

- Merge #753: ACL per interface. (New interface-* configuration options).
- Merge #760: PROXYv2 downstream support. (New proxy-protocol-port configuration option).
 2022-11-01 16:05:52 +01:00
Petr Menšík
4e237a1016 Update to 1.16.3 
Resolves: rhbz#2128638 CVE-2022-3204
 2022-09-23 23:01:23 +02:00
Petr Menšík
9efe622c79 Update to 0.16.2 (#2105947) 
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-16-2
 2022-08-03 20:12:34 +02:00
Petr Menšík
2c00b91a49 Update to 1.16.0 
Adds basic support for EDE (RFC 8914).

https://nlnetlabs.nl/projects/unbound/download/#unbound-1-16-0
 2022-06-04 12:08:37 +02:00
Petr Menšík
84e89add4a Update to 1.15.0 
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-15-0

- Fix #596: unset the RA bit when a query is blocked by an unbound RPZ nxdomain reply.
  The option rpz-signal-nxdomain-ra allows to signal that a domain is externally
  blocked to clients when it is blocked with NXDOMAIN by unsetting RA.
- Add rpz: for-downstream: yesno option, where the RPZ zone is authoritatively answered
  for, so the RPZ zone contents can be checked with DNS queries directed at the RPZ zone.
- Merge PR #616: Update ratelimit logic. It also introduces ratelimit-backoff and
  ip-ratelimit-backoff configuration options.
- Change aggressive-nsec default to yes.
 2022-03-29 17:25:53 +02:00
Paul Wouters
0ce96eb790
- Resolves: rhbz#1992985 unbound-1.13.2 is available 
- Use system-wide crypto policies
 2021-08-12 17:58:22 -04:00
Paul Wouters
cf0e47e9b7 add gpg sig 2021-02-09 22:26:31 -05:00
Paul Wouters
809b23a9f1 - Resolves rhbz#1860887 unbound-1.13.1 is available 
- Fixup unbound.conf
 2021-02-09 21:11:43 -05:00
Petr Menšík
65b8de222e Update to 1.13.0 
Enabled TLS and TCP stream reuse for increased performance.
 2020-12-10 12:01:38 +01:00
Petr Menšík
9b40e98f88 Update to 1.12.0 
- DNS flag day 2020 applied
- DNS over HTTPS support
- EDNS client tag support

Upstream changelog:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-12-0
 2020-11-10 17:11:44 +01:00
Paul Wouters
554ef607af update sources for sig file 2020-05-19 15:18:53 -04:00
Paul Wouters
b2855b7bff * Tue May 19 2020 Paul Wouters <pwouters@redhat.com> - 1.10.1-1 
- Resolves: rhbz#1837279 unbound-1.10.1 is available
- Resolves: rhbz#1837598 CVE-2020-12662 unbound: insufficient control of network message volume leads to DoS
- Resolves: rhbz#1837609 CVE-2020-12663 unbound: infinite loop via malformed DNS answers received from upstream servers
- Updated unbound.conf for new options in 1.10.1
 2020-05-19 15:12:15 -04:00
Petr Menšík
c78f3c816f Update to 1.10.0 (#1805199) 
Build with a new release.
 2020-03-19 13:39:24 +01:00
Paul Wouters
cd68171bad * Fri Dec 13 2019 Paul Wouters <pwouters@redhat.com> - 1.9.6-1 
- Resolves: rhbz#1758107 unbound-1.9.5 is available
- Resolves: CVE-2019-18934
 2019-12-13 15:20:12 -05:00
Paul Wouters
8890aaa359 * Fri Nov 01 2019 Paul Wouters <pwouters@redhat.com> - 1.9.4-1 
- Fix build on rhel/centos systems
- Resolves: rhbz#1767955 (CVE-2019-16866) uninitialized memory accesses leads to crash via a crafted NOTIFY query
 2019-11-01 15:15:09 -04:00
Paul Wouters
5bfdf89e03 * Tue Aug 27 2019 Paul Wouters <pwouters@redhat.com> - 1.9.3-1 
- Updated to 1.9.3
- Resolves: rhbz#1672578 unbound-1.9.2 is available
- Resolves: rhbz#1694831 [/usr/lib/tmpfiles.d/unbound.conf:1] Line references path below legacy directory /var/run/
- Resolves: rhbz# 1667387 [abrt] unbound: memmove(): unbound killed by SIGABRT
 2019-08-27 12:14:51 -04:00
Paul Wouters
42a7ed2926 - Updated to 1.8.3 with fixes the dns64 bug and has some other minor fixes 2018-12-11 22:07:23 -05:00
Paul Wouters
901f4a3b5b new sources 2018-12-04 14:10:46 -05:00
Petr Menšík
3d0c001d3e Update to 1.8.1 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-10-08 18:30:41 +02:00
Petr Menšík
b3bb4ed3ea Rebase to 1.8.0 
Remove all patches accepted upstream
 2018-09-17 15:30:23 +02:00
Petr Menšík
e9c5e93a5b Update sources to 1.7.3 2018-06-27 11:40:56 +02:00
Paul Wouters
e9cb729533 * Mon Jun 11 2018 Paul Wouters <pwouters@redhat.com> - 1.7.2-1 
- Resolves rhbz#1589807 unbound-1.7.2 is available
- Add patch to fix stub/forward zone not returning ServFail when TTL expires
- Enabled the new root-key-sentinel option
 2018-06-11 16:49:15 -04:00
Petr Menšík
749ca6b65b Update to 1.7.1 (#1574495) 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-05-30 21:08:03 +02:00
Paul Wouters
5a52aae95e * Thu Mar 15 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-1 
- Updated to 1.7.0 (aggressive nsec, local root support, bugfixes)
 2018-03-15 17:56:52 -04:00
Paul Wouters
6a2501df2d * Mon Jan 22 2018 Paul Wouters <pwouters@redhat.com> - 1.6.8-1 
- Resolves rhbz#1483572 unbound-1.6.8 is available
- Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records
- Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all]
 2018-01-22 14:26:50 -05:00
Paul Wouters
4c89c2a677 - Updated to 1.6.7 (minor bugfixes) 2017-10-12 00:49:47 -04:00
Paul Wouters
115c5666a2 * Fri Sep 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-1 
- Resolves: rhbz#1483572 unbound-1.6.6 is available
- Resolves: rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook (edit)
 2017-09-22 12:47:01 -04:00
Paul Wouters
82db9e94c2 * Sun Jul 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-1 
- Updated to 1.6.4 full release, patch to allow missing ipsechook
- Resolves rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook
 2017-07-02 13:46:10 +02:00
Paul Wouters
cfe48497cc newsources 2017-06-22 16:43:40 -04:00
Paul Wouters
7d28caf1f9 - Updated to 1.6.3 (fixes assertion failure when receiving malformed packet with 0x20 enabled) 2017-06-13 14:20:12 -04:00
Paul Wouters
a57c3b8b64 * Wed Apr 26 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-1 
- Update to 1.6.2 (rhbz#1425649)
- Updated unbound.conf with new options
 2017-04-26 21:46:09 -04:00
Kevin Fenzi
652f3fa496 Update to 1.6.0 2016-12-21 12:15:01 -07:00
Paul Wouters
9c5452fa42 new sources 2016-09-27 19:46:41 -04:00
Paul Wouters
eb8bec78f6 - Updated to 1.5.9 2016-06-13 11:26:30 -04:00
Paul Wouters
8e51532c90 * Wed Mar 02 2016 Paul Wouters <pwouters@redhat.com> - 1.5.8-1 
- Update to 1.5.8 which incorporates rhbz#1294339 fix
- Updated unbound.conf with new upstream options
- Enabled ip-transparent: yes (see rhbz#1291449)
 2016-03-02 12:35:36 -05:00
Paul Wouters
ec26998079 * Fri Dec 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.7-1 
- Update to 1.5.7
- Enable query minimalization for enhanced DNS query privacy
- Enable nxdomain hardening to assist with query minimalization and SBLs
- Updated default unbound.conf for new features from upstream.
 2015-12-11 10:06:07 -05:00
Tomas Hozza
86e8e4801e Update to 1.5.6 (#1176729) 2015-11-13 15:20:08 +01:00
Tomas Hozza
63b277e028 New upstream release 1.5.5 (#1269137) 
- Removed the anchor update from %post section of -libs subpackage (#1269137#c2)

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2015-10-07 17:04:36 +02:00
Paul Wouters
fdd77f9ee3 * Tue Jul 14 2015 Paul Wouters <pwouters@redhat.com> - 1.5.4-1 
- Update to 1.5.4
- Removed patches merged into upstream
 2015-07-13 22:45:42 -04:00
Paul Wouters
b22a91503b * Mon Mar 16 2015 Paul Wouters <pwouters@redhat.com> - 1.5.3-1 
- Updated to 1.5.3 which is a bugfix on 1.5.2 for sighup handling
- Updated to 1.5.2 which fixes DNSSEC validation with different
  trust anchors upstream, local-zone has a new keyword 'inform'
 2015-03-16 12:18:28 -04:00
Paul Wouters
74933bccdc - Update to 1.5.1 for CVE-2014-8602 
- Removed unbound-aarch64.patch which was merged upstream
 2014-12-08 23:34:41 -05:00
Tomas Hozza
72771a7943 update to 1.5.1rc1 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-11-28 18:35:08 +01:00
Tomas Hozza
6cdcf55a00 update to 1.5.0 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-11-19 17:41:10 +01:00
Paul Wouters
035078ba01 * Thu Mar 13 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-1 
- Updated to 1.4.22
- No longer requires the ldns library
 2014-03-13 21:44:08 -04:00
Paul Wouters
90b7fa1c7e * Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1 
- Updated to 1.4.21,
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
- Removed patched merged in by upstream
- Enable statistics-cumulative for munin-plugin
- Updated unbound.conf
 2013-09-19 10:21:30 -04:00
Paul Wouters
34289517d1 update sources 2013-04-08 10:54:03 -04:00