Opened 9 years ago
Closed 9 years ago
#7001 closed enhancement (fixed)
unbound-1.5.6
Reported by: | Fernando de Oliveira | Owned by: | Igor Živković |
---|---|---|---|
Priority: | normal | Milestone: | 7.9 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description (last modified by )
https://www.unbound.net/downloads/unbound-1.5.6.tar.gz
https://www.unbound.net/downloads/unbound-1.5.6.zip.asc
https://www.unbound.net/downloads/unbound-1.5.6.tar.gz.sha256
ad3823f5895f59da9e408ea273fcf81d8a76914c18864fba256d7f140b83e404
https://unbound.net/download.html
Unbound 1.5.6 Features • Default for ssl-port is port 853, the temporary port assignment for secure domain name system traffic. If you used to rely on the older default of port 443, you have to put a clause in unbound.conf for that. The new value is likely going to be the standardised port number for this traffic. • ANY responses include DNAME records if present, as per Evan Hunt's remark in dnsop. Bug Fixes • Fix segfault in the dns64 module in the formaterror error path. • Fix manpage to suggest using SIGTERM to terminate the server. • iana portlist update. ------------------------------------------------------------------------ Unbound 1.5.5 Features • Change default of harden-algo-downgrade to off. This is lenient for algorithm rollover. • Added permit-small-holddown config to debug fast 5011 rollover. • Allow certificate chain files to allow for intermediate certificates. (thanks Daniel Kahn Gillmor) • Enable ECDHE for servers. Where available, use SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to enable ECDHE. Otherwise, manually offer curve p256. Client connections should automatically use ECDHE when available. (thanks Daniel Kahn Gillmor) • [bugzilla: 699 ] Feature --enable-pie option to that builds PIE binary. • [bugzilla: 700 ] Feature --enable-relro-now option that enables full read-only relocation. • [bugzilla: 702 ] New IPs for for h.root-servers.net. Bug Fixes • [bugzilla: 681 ] Fix setting forwarders with unbound-control forward implicitly turns on forward-first. • [bugzilla: 690 ] Fix that reload fails when so-reuseport is yes after changing num-threads. • please afl-gcc (llvm) for uninitialised variable warning. • Fix mktime in unbound-anchor not using UTC. • Fix 5011 anchor update timer after reload. • 5011 implementation does not insist on all algorithms, when harden-algo-downgrade is turned off. • Document in the manual more text about configuring locally served zones. • Document that local-zone nodefault matches exactly and transparent can be used to release a subzone. • [bugzilla: 694 ] Fix that configure script does not detect LibreSSL 2.2.2 • Fix deadlock for local data add and zone add when unbound-control list_local_data printout is interrupted. • [bugzilla: 697 ] Fix get PY_MAJOR_VERSION failure at configure for python 2.4 to 2.6. • changed windows setup compression to be more transparent. • Fix config globbed include chroot treatment, this fixes reload of globs (patch from Dag-Erling Smørgrav). • [bugzilla: 705 ] Fix ub_ctx_set_fwd() return value mishandled on windows. • Fix minor error in unbound.conf.5.in. • Fix unbound.conf(5) access-control description for precedence and default. • Fix unbound-control flush that does not succeed in removing data. • MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution failures. • iana portlist update.
Change History (4)
comment:1 by , 9 years ago
Description: | modified (diff) |
---|---|
Summary: | unbound-1.5.5 → unbound-1.5.6 |
comment:2 by , 9 years ago
comment:3 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
New point version 1.5.6.