Opened 3 years ago

Closed 3 years ago

#10865 closed enhancement (fixed)

unbound-1.7.3

Reported by: Bruce Dubbs Owned by: ken@…
Priority: normal Milestone: 8.3
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (4)

comment:1 by ken@…, 3 years ago

Summary: unbound-1.7.2unbound-1.7.3

comment:2 by ken@…, 3 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

comment:3 by ken@…, 3 years ago

from doc/Changelog

19 June 2018: Wouter

  • Fix for unbound-control on Windows and set TCP socket parameters more closely.
  • Fix windows unbound-control no cert bad file descriptor error.

18 June 2018: Wouter

  • Fix that control-use-cert: no works for 127.0.0.1 to disable certs.
  • Fix unbound-checkconf for control-use-cert.

15 June 2018: Wouter

  • tag for 1.7.3rc1.

14 June 2018: Wouter

  • #4103: Fix that auth-zone does not insist on SOA record first in file for url downloads.
  • Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS.
  • Fix nettle compile.

12 June 2018: Ralph

  • Don't count CNAME response types received during qname minimisation as query restart.

12 June 2018: Wouter

  • #4102 for NSD, but for Unbound. Named unix pipes do not use certificate and key files, access can be restricted with file and directory permissions. The option control-use-cert is no longer used, and ignored if found in unbound.conf.
  • Rename tls-additional-ports to tls-additional-port, because every line adds one port.
  • Fix buffer size warning in unit test.
  • remade dependencies in the Makefile.

6 June 2018: Wouter

  • Patch to fix openwrt for mac os build darwin detection in configure.

5 June 2018: Wouter

  • Fix crash if ratelimit taken into use with unbound-control instead of with unbound.conf.

4 June 2018: Wouter

  • Fix deadlock caused by incoming notify for auth-zone.
  • tag for 1.7.2rc1, became 1.7.2 release on 11 June 2018, trunk is 1.7.3 in development from this point.
  • #4100: Fix stub reprime when it becomes useless.

1 June 2018: Wouter

  • Rename additional-tls-port to tls-additional-ports. The older name is accepted for backwards compatibility.

30 May 2018: Wouter

  • Patch from Syzdek: Add ability to ignore RD bit and treat all requests as if the RD bit is set.

29 May 2018: Wouter

  • in compat/arc4random call getentropy_urandom when getentropy fails with ENOSYS.
  • Fix that fallback for windows port.

28 May 2018: Wouter

  • Fix windows tcp and tls spin on events.
  • Add routine from getdns to add windows cert store to the SSL_CTX.
  • tls-win-cert option that adds the system certificate store for authenticating DNS-over-TLS connections. It can be used instead of the tls-cert-bundle option, or with it to add certificates.

25 May 2018: Wouter

  • For TCP and TLS connections that don't establish, perform address update in infra cache, so future selections can exclude them.
  • Fix that tcp sticky events are removed for closed fd on windows.
  • Fix close events for tcp only.

24 May 2018: Wouter

  • Fix that libunbound can do DNS-over-TLS, when configured.
  • Fix that windows unbound service can use DNS-over-TLS.
  • unbound-host initializes ssl (for potential DNS-over-TLS usage inside libunbound), when ssl upstream or a cert-bundle is configured.

23 May 2018: Wouter

  • Use accept4 to speed up incoming TCP (and TLS) connections, available on Linux, FreeBSD and OpenBSD.

17 May 2018: Ralph

  • Qname minimisation default changed to yes.

15 May 2018: Wouter

  • Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand.

11 May 2018: Wouter

7 May 2018: Wouter

  • Fix windows to not have sticky TLS events for TCP.
  • Fix read of DNS over TLS length and data in one read call.
  • Fix mesh state assertion failure due to callback removal.

3 May 2018: Wouter

  • Fix that configure --with-libhiredis also turns on cachedb.
  • Fix gcc 8 buffer warning in testcode.
  • Fix function type cast warning in libunbound context callback type.

2 May 2018: Wouter

  • Fix fail to reject dead peers in forward-zone, with ssl-upstream.

1 May 2018: Wouter

  • Fix that unbound-control reload frees the rrset keys and returns the memory pages to the system.

30 April 2018: Wouter

  • Fix spelling error in man page and note defaults as no instead of off.

(previous item from 26 April noted as Became 1.7.1 release on 3 May)

comment:4 by ken@…, 3 years ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.