Petr Menšík
84e89add4a
Update to 1.15.0
...
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-15-0
- Fix #596 : unset the RA bit when a query is blocked by an unbound RPZ nxdomain reply.
The option rpz-signal-nxdomain-ra allows to signal that a domain is externally
blocked to clients when it is blocked with NXDOMAIN by unsetting RA.
- Add rpz: for-downstream: yesno option, where the RPZ zone is authoritatively answered
for, so the RPZ zone contents can be checked with DNS queries directed at the RPZ zone.
- Merge PR #616 : Update ratelimit logic. It also introduces ratelimit-backoff and
ip-ratelimit-backoff configuration options.
- Change aggressive-nsec default to yes.
2022-03-29 17:25:53 +02:00
Paul Wouters
0ce96eb790
- Resolves: rhbz#1992985 unbound-1.13.2 is available
...
- Use system-wide crypto policies
2021-08-12 17:58:22 -04:00
Paul Wouters
cf0e47e9b7
add gpg sig
2021-02-09 22:26:31 -05:00
Paul Wouters
809b23a9f1
- Resolves rhbz#1860887 unbound-1.13.1 is available
...
- Fixup unbound.conf
2021-02-09 21:11:43 -05:00
Petr Menšík
65b8de222e
Update to 1.13.0
...
Enabled TLS and TCP stream reuse for increased performance.
2020-12-10 12:01:38 +01:00
Petr Menšík
9b40e98f88
Update to 1.12.0
...
- DNS flag day 2020 applied
- DNS over HTTPS support
- EDNS client tag support
Upstream changelog:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-12-0
2020-11-10 17:11:44 +01:00
Paul Wouters
554ef607af
update sources for sig file
2020-05-19 15:18:53 -04:00
Paul Wouters
b2855b7bff
* Tue May 19 2020 Paul Wouters <pwouters@redhat.com> - 1.10.1-1
...
- Resolves: rhbz#1837279 unbound-1.10.1 is available
- Resolves: rhbz#1837598 CVE-2020-12662 unbound: insufficient control of network message volume leads to DoS
- Resolves: rhbz#1837609 CVE-2020-12663 unbound: infinite loop via malformed DNS answers received from upstream servers
- Updated unbound.conf for new options in 1.10.1
2020-05-19 15:12:15 -04:00
Petr Menšík
c78f3c816f
Update to 1.10.0 ( #1805199 )
...
Build with a new release.
2020-03-19 13:39:24 +01:00
Paul Wouters
cd68171bad
* Fri Dec 13 2019 Paul Wouters <pwouters@redhat.com> - 1.9.6-1
...
- Resolves: rhbz#1758107 unbound-1.9.5 is available
- Resolves: CVE-2019-18934
2019-12-13 15:20:12 -05:00
Paul Wouters
8890aaa359
* Fri Nov 01 2019 Paul Wouters <pwouters@redhat.com> - 1.9.4-1
...
- Fix build on rhel/centos systems
- Resolves: rhbz#1767955 (CVE-2019-16866) uninitialized memory accesses leads to crash via a crafted NOTIFY query
2019-11-01 15:15:09 -04:00
Paul Wouters
42a7ed2926
- Updated to 1.8.3 with fixes the dns64 bug and has some other minor fixes
2018-12-11 22:07:23 -05:00
Paul Wouters
901f4a3b5b
new sources
2018-12-04 14:10:46 -05:00
Petr Menšík
3d0c001d3e
Update to 1.8.1
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-10-08 18:30:41 +02:00
Petr Menšík
b3bb4ed3ea
Rebase to 1.8.0
...
Remove all patches accepted upstream
2018-09-17 15:30:23 +02:00
Petr Menšík
e9c5e93a5b
Update sources to 1.7.3
2018-06-27 11:40:56 +02:00
Paul Wouters
e9cb729533
* Mon Jun 11 2018 Paul Wouters <pwouters@redhat.com> - 1.7.2-1
...
- Resolves rhbz#1589807 unbound-1.7.2 is available
- Add patch to fix stub/forward zone not returning ServFail when TTL expires
- Enabled the new root-key-sentinel option
2018-06-11 16:49:15 -04:00
Petr Menšík
749ca6b65b
Update to 1.7.1 ( #1574495 )
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-05-30 21:08:03 +02:00
Paul Wouters
5a52aae95e
* Thu Mar 15 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-1
...
- Updated to 1.7.0 (aggressive nsec, local root support, bugfixes)
2018-03-15 17:56:52 -04:00
Paul Wouters
6a2501df2d
* Mon Jan 22 2018 Paul Wouters <pwouters@redhat.com> - 1.6.8-1
...
- Resolves rhbz#1483572 unbound-1.6.8 is available
- Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records
- Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all]
2018-01-22 14:26:50 -05:00
Paul Wouters
4c89c2a677
- Updated to 1.6.7 (minor bugfixes)
2017-10-12 00:49:47 -04:00
Paul Wouters
115c5666a2
* Fri Sep 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-1
...
- Resolves: rhbz#1483572 unbound-1.6.6 is available
- Resolves: rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook (edit)
2017-09-22 12:47:01 -04:00
Paul Wouters
82db9e94c2
* Sun Jul 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-1
...
- Updated to 1.6.4 full release, patch to allow missing ipsechook
- Resolves rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook
2017-07-02 13:46:10 +02:00
Paul Wouters
cfe48497cc
newsources
2017-06-22 16:43:40 -04:00
Paul Wouters
7d28caf1f9
- Updated to 1.6.3 (fixes assertion failure when receiving malformed packet with 0x20 enabled)
2017-06-13 14:20:12 -04:00
Paul Wouters
a57c3b8b64
* Wed Apr 26 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-1
...
- Update to 1.6.2 (rhbz#1425649)
- Updated unbound.conf with new options
2017-04-26 21:46:09 -04:00
Kevin Fenzi
652f3fa496
Update to 1.6.0
2016-12-21 12:15:01 -07:00
Paul Wouters
9c5452fa42
new sources
2016-09-27 19:46:41 -04:00
Paul Wouters
eb8bec78f6
- Updated to 1.5.9
2016-06-13 11:26:30 -04:00
Paul Wouters
8e51532c90
* Wed Mar 02 2016 Paul Wouters <pwouters@redhat.com> - 1.5.8-1
...
- Update to 1.5.8 which incorporates rhbz#1294339 fix
- Updated unbound.conf with new upstream options
- Enabled ip-transparent: yes (see rhbz#1291449)
2016-03-02 12:35:36 -05:00
Paul Wouters
ec26998079
* Fri Dec 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.7-1
...
- Update to 1.5.7
- Enable query minimalization for enhanced DNS query privacy
- Enable nxdomain hardening to assist with query minimalization and SBLs
- Updated default unbound.conf for new features from upstream.
2015-12-11 10:06:07 -05:00
Tomas Hozza
86e8e4801e
Update to 1.5.6 ( #1176729 )
2015-11-13 15:20:08 +01:00
Tomas Hozza
63b277e028
New upstream release 1.5.5 ( #1269137 )
...
- Removed the anchor update from %post section of -libs subpackage (#1269137#c2)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-10-07 17:04:36 +02:00
Paul Wouters
fdd77f9ee3
* Tue Jul 14 2015 Paul Wouters <pwouters@redhat.com> - 1.5.4-1
...
- Update to 1.5.4
- Removed patches merged into upstream
2015-07-13 22:45:42 -04:00
Paul Wouters
b22a91503b
* Mon Mar 16 2015 Paul Wouters <pwouters@redhat.com> - 1.5.3-1
...
- Updated to 1.5.3 which is a bugfix on 1.5.2 for sighup handling
- Updated to 1.5.2 which fixes DNSSEC validation with different
trust anchors upstream, local-zone has a new keyword 'inform'
2015-03-16 12:18:28 -04:00
Paul Wouters
74933bccdc
- Update to 1.5.1 for CVE-2014-8602
...
- Removed unbound-aarch64.patch which was merged upstream
2014-12-08 23:34:41 -05:00
Tomas Hozza
72771a7943
update to 1.5.1rc1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-11-28 18:35:08 +01:00
Tomas Hozza
6cdcf55a00
update to 1.5.0
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-11-19 17:41:10 +01:00
Paul Wouters
035078ba01
* Thu Mar 13 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-1
...
- Updated to 1.4.22
- No longer requires the ldns library
2014-03-13 21:44:08 -04:00
Paul Wouters
90b7fa1c7e
* Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1
...
- Updated to 1.4.21,
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
- Removed patched merged in by upstream
- Enable statistics-cumulative for munin-plugin
- Updated unbound.conf
2013-09-19 10:21:30 -04:00
Paul Wouters
b9ddae3b26
* update to 1.4.20
2013-03-21 16:07:08 -04:00
Paul Wouters
86feacb2f6
* update to 1.4.19
2012-12-12 08:51:45 -05:00
Paul Wouters
136c5eb822
* Fri Aug 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-1
...
- Updated to 1.4.18 (FIPS related fixes mostly)
- Removed patches that were merged in upstream
2012-08-03 15:38:16 -04:00
Paul Wouters
00ecadb24f
uploaded unbound 1.4.17
2012-05-24 13:38:08 -04:00
Paul Wouters
62096c1a2d
* Thu Feb 02 2012 Paul Wouters <paul@nohats.ca> - 1.4.16-1
...
- Upgraded to 1.4.16, which was relesed due to the soname
and some DNSSEC validation failures
2012-02-02 10:00:37 -05:00
Paul Wouters
3bde9d279c
* Fri Jan 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.15-1
...
- Upgraded to 1.4.15
- Updated unbound.conf to show how to configure listening on tls443
2012-01-27 12:08:41 -05:00
Paul Wouters
d576f6ecc2
* update version/changelog for unbound 1.4.14
2011-12-19 10:04:11 -05:00
Paul Wouters
5023789b72
* Thu Sep 15 2011 Paul Wouters <paul@xelerance.com> - 1.4.13-1
...
- Upgraded to 1.4.13
- Removed merged in pythonmod patch
- Added EDNS1480 patch to fix unbound on broken EDNS/UDP networks
2011-09-15 13:19:04 -04:00
Paul Wouters
087b8ded39
* Updated to unbound 1.4.12
2011-07-18 23:44:31 -04:00
Paul Wouters
e0c8cdaf6a
* Sun Jul 03 2011 Paul Wouters <paul@xelerance.com> - 1.4.11-1
...
- Updated to 1.4.11
- removed integrated CVE patch
- updated stock unbound.conf for new options introduced
2011-07-03 18:16:09 -04:00