Opened 9 years ago
Closed 8 years ago
#7001 closed enhancement (fixed)
unbound-1.5.6
| Reported by: | Fernando de Oliveira | Owned by: | Igor Živković |
|---|---|---|---|
| Priority: | normal | Milestone: | 7.9 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description (last modified by )
https://www.unbound.net/downloads/unbound-1.5.6.tar.gz
https://www.unbound.net/downloads/unbound-1.5.6.zip.asc
https://www.unbound.net/downloads/unbound-1.5.6.tar.gz.sha256
ad3823f5895f59da9e408ea273fcf81d8a76914c18864fba256d7f140b83e404
https://unbound.net/download.html
Unbound 1.5.6
Features
• Default for ssl-port is port 853, the temporary port assignment for
secure domain name system traffic. If you used to rely on the older
default of port 443, you have to put a clause in unbound.conf for
that. The new value is likely going to be the standardised port
number for this traffic.
• ANY responses include DNAME records if present, as per Evan Hunt's
remark in dnsop.
Bug Fixes
• Fix segfault in the dns64 module in the formaterror error path.
• Fix manpage to suggest using SIGTERM to terminate the server.
• iana portlist update.
------------------------------------------------------------------------
Unbound 1.5.5
Features
• Change default of harden-algo-downgrade to off. This is lenient for
algorithm rollover.
• Added permit-small-holddown config to debug fast 5011 rollover.
• Allow certificate chain files to allow for intermediate
certificates. (thanks Daniel Kahn Gillmor)
• Enable ECDHE for servers. Where available, use
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
enable ECDHE. Otherwise, manually offer curve p256. Client
connections should automatically use ECDHE when available. (thanks
Daniel Kahn Gillmor)
• [bugzilla: 699 ]
Feature --enable-pie option to that builds PIE binary.
• [bugzilla: 700 ]
Feature --enable-relro-now option that enables full read-only
relocation.
• [bugzilla: 702 ]
New IPs for for h.root-servers.net.
Bug Fixes
• [bugzilla: 681 ]
Fix setting forwarders with unbound-control forward implicitly
turns on forward-first.
• [bugzilla: 690 ]
Fix that reload fails when so-reuseport is yes after changing
num-threads.
• please afl-gcc (llvm) for uninitialised variable warning.
• Fix mktime in unbound-anchor not using UTC.
• Fix 5011 anchor update timer after reload.
• 5011 implementation does not insist on all algorithms, when
harden-algo-downgrade is turned off.
• Document in the manual more text about configuring locally served
zones.
• Document that local-zone nodefault matches exactly and transparent
can be used to release a subzone.
• [bugzilla: 694 ]
Fix that configure script does not detect LibreSSL 2.2.2
• Fix deadlock for local data add and zone add when unbound-control
list_local_data printout is interrupted.
• [bugzilla: 697 ]
Fix get PY_MAJOR_VERSION failure at configure for python 2.4 to
2.6.
• changed windows setup compression to be more transparent.
• Fix config globbed include chroot treatment, this fixes reload of
globs (patch from Dag-Erling Smørgrav).
• [bugzilla: 705 ]
Fix ub_ctx_set_fwd() return value mishandled on windows.
• Fix minor error in unbound.conf.5.in.
• Fix unbound.conf(5) access-control description for precedence and
default.
• Fix unbound-control flush that does not succeed in removing data.
• MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution
failures.
• iana portlist update.
Change History (4)
comment:1 by , 9 years ago
| Description: | modified (diff) |
|---|---|
| Summary: | unbound-1.5.5 → unbound-1.5.6 |
comment:2 by , 9 years ago
comment:3 by , 8 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
New point version 1.5.6.