Overview Repositories Revisions Requests Users Attributes Meta

Revisions of unbound

buildservice-autocommit accepted request 1159844 from Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) (revision 176) 
baserev update by copy to link target
Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) committed (revision 175) 
- Update to 1.19.3:
buildservice-autocommit accepted request 1156332 from Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) (revision 174) 
baserev update by copy to link target
Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) committed (revision 173) 
- Update to 1.19.2:
  * Bug Fixes:
    - Fix CVE-2024-1931, Denial of service when trimming EDE text
      on positive replies.
      [bsc#1221164]

- Update to 1.19.2:
  * Bug Fixes:
    - Fix CVE-2024-1931, Denial of service when trimming EDE text
      on positive replies.
      [bsc#1221164]
Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) accepted request 1144618 from Stefan Seyfried's avatar Stefan Seyfried (seife) (revision 172) 
disable outgoing-port-permit and outgoing-port-avoid in config file to
suppress the related unbound-checkconf warnings on every start
Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) accepted request 1140878 from Jakob Lorenz's avatar Jakob Lorenz (onlyJak0b) (revision 171) 
- Use prefixes instead of sudo in unbound.service (boo#1215628)
buildservice-autocommit accepted request 1153210 from Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) (revision 170) 
baserev update by copy to link target
Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) accepted request 1152943 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 169) 
- Update to 1.19.1:
  * Bug Fixes: [bsc#1219823, CVE-2023-50387][bsc#1219826, CVE-2023-50868]
    - Fix CVE-2023-50387, DNSSEC verification complexity can be
      exploited to exhaust CPU resources and stall DNS resolvers.
    - Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.

- Update to 1.19.1:
  * Bug Fixes: [bsc#1219823, CVE-2023-50387][bsc#1219826, CVE-2023-50868]
    - Fix CVE-2023-50387, DNSSEC verification complexity can be
      exploited to exhaust CPU resources and stall DNS resolvers.
    - Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
buildservice-autocommit accepted request 1135978 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 168) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 1127268 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 167) 
- Update to 1.19.0:
  * Features:
    - Fix #850: [FR] Ability to use specific database in Redis, with
      new redis-logical-db configuration option.
    - Merge #944: Disable EDNS DO. Disable the EDNS DO flag in upstream
      requests. This can be helpful for devices that cannot handle
      DNSSEC information. But it should not be enabled otherwise, because
      that would stop DNSSEC validation. The DNSSEC validation would not
      work for Unbound itself, and also not for downstream users. Default
      is no. The option is disable-edns-do: no
    - Expose the script filename in the Python module environment 'mod_env'
      instead of the config_file structure which includes the linked list
      of scripts in a multi Python module setup; fixes #79.
    - Expose the configured listening and outgoing interfaces, if any, as
      a list of strings in the Python 'config_file' class instead of the
      current Swig object proxy; fixes #79.
    - Mailing list patches from Daniel Gröber for DNS64 fallback to plain
      AAAA when no A record exists for synthesis, and minor DNS64 code
      refactoring for better readability.
    - Merge #951: Cachedb no store. The cachedb-no-store: yes option is
      used to stop cachedb from writing messages to the backend storage.
      It reads messages when data is available from the backend.
      The default is no.
  * Bug Fixes:
    - Fix for version generation race condition that ignored changes.
    - Fix #942: 1.18.0 libunbound DNS regression when built without OpenSSL.
    - Fix for WKS call to getservbyname that creates allocation on exit in
      unit test by testing numbers first and testing from the services list later.
    - Fix autoconf 2.69 warnings in configure.
    - Fix #927: unbound 1.18.0 make test error. Fix make test without SHA1.
buildservice-autocommit accepted request 1109502 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 166) 
baserev update by copy to link target
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 1109457 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 165) 
- Update to 1.18.0:
  * Features:
    - Аdd a metric about the maximum number of collisions in lrushah.
    - Set max-udp-size default to 1232. This is the same default value
      as the default value for edns-buffer-size. It restricts client
      edns buffer size choices, and makes unbound behave similar to
      other DNS resolvers.
    - Add harden-unknown-additional option. It removes unknown records
      from the authority section and additional section.
    - Added new static zone type block_a to suppress all A queries for
      specific zones.
    - [FR] Ability to use Redis unix sockets.
    - [FR] Ability to set the Redis password.
    - Features/dropqueuedpackets, with sock-queue-timeout option that
      drops packets that have been in the socket queue for too long.
      Added statistics num.queries_timed_out and query.queue_time_us.max
      that track the socket queue timeouts.
    - 'eqvinox' Lamparter: NAT64 support.
    - [FR] Use kernel timestamps for dnstap.
    - Add cachedb hit stat. Introduces 'num.query.cachedb' as a new
      statistical counter.
    - Add SVCB dohpath support.
    - Add validation EDEs to queries where the CD bit is set.
    - Add prefetch support for subnet cache entries.
    - Add EDE (RFC8914) caching.
    - Add support for EDE caching in cachedb and subnetcache.
    - Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server
      cookies for clients that send client cookies. This needs to be explicitly
      turned on in the config file with: `answer-cookie: yes`.
  * Bug Fixes
buildservice-autocommit accepted request 1105588 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 164) 
baserev update by copy to link target
Marcus Rueckert's avatar Marcus Rueckert (darix) committed (revision 163) 
add changes entry
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 1103293 from Adrian Schröter's avatar Adrian Schröter (adrianSuSE) (revision 162) 
openSUSE:Factory libunbound-devel-mini flavor is configured to sync build
counter with unbound package. This means it always triggers a bootstrap
no matter which of the packages got initially triggered.

I am not sure if this is needed at all, if yes, please accept this 
request and forward with an explenation.

If not, just decline it and we will remove the build counter syncing 
in factory as well.

thanks

Details:
https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/6GUU6JUQE72WCWEZCSLQYJLVVTNHBVTE/
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 1084728 from Frederic Crozat's avatar Frederic Crozat (fcrozat) (revision 161) 
- Add _multibuild to define additional spec files as additional
  flavors.
  Eliminates the need for source package links in OBS.

- Add _multibuild to define additional spec files as additional
  flavors.
  Eliminates the need for source package links in OBS.
buildservice-autocommit accepted request 1067361 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 160) 
baserev update by copy to link target
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 1067340 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 159) 
- Update to 1.17.1:
  * Features:
    - Expose 'statistics-inhibit-zero' as a configuration option;
      the default value retains Unbound's behavior.
    - Expose 'max-sent-count' as a configuration option; the default
      value retains Unbound's behavior.
    - Merge #461 from Christian Allred: Add max-query-restarts option.
      Exposes an internal configuration but the default value retains
      Unbound's behavior.
    - Merge #569 from JINMEI Tatuya: add keep-cache option to
      'unbound-control reload' to keep caches.
  * Bug Fixes:
    - Merge #768 from fobser: Arithmetic on a pointer to void is a
      GNU extension.
    - In unit test, print python script name list correctly.
    - testcode/dohclient sets log identity to its name.
    - Clarify the use of MAX_SENT_COUNT in the iterator code.
    - Fix that cachedb does not store failures in the external cache.
    - Merge #767 from jonathangray: consistently use IPv4/IPv6 in
      unbound.conf.5.
    - Fix to ignore tcp events for closed comm points.
    - Fix to make sure to not read again after a tcp comm point is
      closed.
    - Fix #775: libunbound: subprocess reap causes parent process
      reap to hang.
    - iana portlist update.
    - Complementary fix for distutils.sysconfig deprecation in
      Python 3.10 to commit 62c5039ab9da42713e006e840b7578e01d66e7f2.
    - Fix #779: [doc] Missing documention in ub_resolve_event() for
      callback parameter was_ratelimited.
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 1045741 from Wolfgang Frisch's avatar Wolfgang Frisch (wfrisch) (revision 158) 
- Tighten permissions (boo#1173619)
- Add missing dependency: unbound-control-setup needs /usr/bin/openssl.
buildservice-autocommit accepted request 1032866 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 157) 
baserev update by copy to link target
Displaying revisions 1 - 20 of 176
openSUSE Build Service is sponsored by
Places