Opened 4 weeks ago

Closed 2 weeks ago

#19769 closed enhancement (fixed)

unbound-1.20.0

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 12.2
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (3)

comment:1 by Bruce Dubbs, 3 weeks ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 3 weeks ago

From the Changelog:

  • Fix for the DNSBomb vulnerability CVE-2024-33655.
  • Set version number to 1.20.0 for release.
  • Cleanup unnecessary strdup calls for EDE strings.
  • Fix doxygen comment for errinf_to_str_bogus.
  • Fix cachedb with serve-expired-client-timeout disabled. The edns subnet module deletes global cache and cachedb cache when it stores a result, and serve-expired is enabled, so that the global reply, that is older than the ecs reply, does not return after the ecs reply expires.
  • Add unit tests for cachedb and subnet cache expired data.
  • Man page entry for unbound-checkconf -q.
  • Fix #876: [FR] can unbound-checkconf be silenced when configuration is valid?
  • Fix configure flto check error, by finding grep for it.
  • Merge #1041: Stub and Forward unshare. This has one structure for them and fixes #1038: fatal error: Could not initialize thread / error: reading root hints.
  • Fix to disable fragmentation on systems with IP_DONTFRAG, with a nonzero value for the socket option argument.
  • Fix doc unit test for out of directory build.
  • Fix ci workflow for macos for moved install locations.
  • Merge #1053: Remove child delegations from cache when grandchild delegations are returned from parent.
  • Add checklock feature verbose_locking to trace locks and unlocks.
  • Fix edns subnet to sort rrset references when storing messages in the cache. This fixes a race condition in the rrset locks.
  • Fix #1048: Update ax_pkg_swig.m4 and ax_pthread.m4.
  • Fix configure, autoconf for #1048.
  • Merge #1049 from Petr Menšík: Py_NoSiteFlag is not needed since Python 3.8
  • Fix cachedb for serve-expired with serve-expired-client-timeout.
  • Fixup unit test for cachedb server expired client timeout with a check if response if from upstream or from cachedb.
  • Fixup cachedb to not refetch when serve-expired-client-timeout is used.
  • Implement cachedb-check-when-serve-expired: yes option, default is enabled. When serve expired is enabled with cachedb, it first checks cachedb before serving the expired response.
  • Fixup compile without cachedb.
  • Add test for cachedb serve expired.
  • Extended test for cachedb serve expired.
  • Fix makefile dependencies for fake_event.c.
  • Fix cachedb for serve-expired with serve-expired-reply-ttl.
  • Fix to not reply serve expired unless enabled for cachedb.
  • Merge #1043 from xiaoxiaoafeifei: Add loongarch support; updates config.guess(2024-01-01) and config.sub(2024-01-01), verified with upstream.
  • Fix #595: unbound-anchor cannot deal with full disk; it will now first write out to a temp file before replacing the original one, like Unbound already does for auto-trust-anchor-file.
  • Fix comment syntax for view function views_find_view.
  • Merge #1027: Introduce 'cache-min-negative-ttl' option.
  • Fix #1040: fix heap-buffer-overflow issue in function cfg_mark_ports of file util/config_file.c.
  • For #1040: adjust error text and disallow negative ports in other parts of cfg_mark_ports.
  • Fix #1035: Potential Bug while parsing port from the "stub-host" string; also affected forward-zones and remote-control host directives.
  • Fix #369: dnstap showing extra responses; for client responses right from the cache when replying with expired data or prefetching.
  • Fix #1034: DoT forward-zone via unbound-control.
  • Fix for crypto related failures to have a better error string.
  • Fix name of unit test for subnet cache response.
  • Fix #1032: The size of subnet_msg_cache calculation mistake cause memory usage increased beyond expectations.
  • Fix for #1032, add safeguard to make table space positive.
  • Fix comment in lruhash space function.
  • Fix to add unit test for lruhash space that exercises the routines.
  • Fix that when the server truncates the pidfile, it does not follow symbolic links.
  • Fix that the server does not chown the pidfile.
  • Merge #831 from Pierre4012: Improve Windows NSIS installer script (setup.nsi).
  • For #831: Format text, use exclamation icon and explicit label names.
  • Fix rpz so that rpz CNAME can apply after rpz CNAME. And fix that clientip and nsip can give a CNAME.
  • Fix localdata and rpz localdata to match CNAME only if no direct type match is available.
  • Fix that rpz CNAME content is limited to the max number of cnames.
  • Fix rpz, it follows iterator CNAMEs for nsip and nsdname and sets the reply query_info values, that is better for debug logging.
  • Fix rpz that copies the cname override completely to the temp region, so there are no references to the rpz region.
  • Add rpz unit test for nsip action override.
  • Fix rpz for qtype CNAME after nameserver trigger.
  • Merge #1030: Persist the openssl and expat directories for repeated Windows builds.
  • Merge #1028: Clearer documentation for tcp-idle-timeout and edns-tcp-keepalive-timeout.
  • Fix #1021 Inconsistent Behavior with Changing rpz-cname-override and doing a unbound-control reload.

comment:3 by Bruce Dubbs, 2 weeks ago

Resolution: fixed
Status: assignedclosed

Fixed at commits: 

3a3fe00ffc Update to unbound-1.20.0.
c5cb74fea3 Update to libfm-qt-2.0.2.
75b018e962 Update to lxqt-panel-2.0.1.
Note: See TracTickets for help on using tickets.