| 18 December 2014: Wouter
2 - Fix CVE-2014-8602: denial of service by making resolver chase
3 endless series of delegations.
4
51 December 2014: Wouter
6 - Fix bug#632: unbound fails to build on AArch64, protects
7 getentropy compat code from calling sysctl if it is has been removed.
8
929 November 2014: Wouter
10 - Add include to getentropy_linux.c, hopefully fixing debian build.
11
1228 November 2014: Wouter
13 - Fix makefile for build from noexec source tree.
14
1526 November 2014: Wouter
16 - Fix libunbound undefined symbol errors for main.
17 Referencing main does not seem to be possible for libunbound.
18
1924 November 2014: Wouter
20 - Fix log at high verbosity and memory allocation failure.
21 - iana portlist update.
22
2321 November 2014: Wouter
24 - Fix crash on multiple thread random usage on systems without
25 arc4random.
26
2720 November 2014: Wouter
28 - fix compat/getentropy_win.c check if CryptGenRandom works and no
29 immediate exit on windows.
30
3119 November 2014: Wouter
32 - Fix cdflag dns64 processing.
33
3418 November 2014: Wouter
35 - Fix that CD flag disables DNS64 processing, returning the DNSSEC
36 signed AAAA denial.
37 - iana portlist update.
38
3917 November 2014: Wouter
40 - Fix #627: SSL_CTX_load_verify_locations return code not properly
41 checked.
42
4314 November 2014: Wouter
44 - parser with bison 2.7
45
4613 November 2014: Wouter
47 - Patch from Stephane Lapie for ASAHI Net that implements aaaa-filter,
48 added to contrib/aaaa-filter-iterator.patch.
49
5012 November 2014: Wouter
51 - trunk has 1.5.1 in development.
52 - Patch from Robert Edmonds to build pyunbound python module
53 differently. No versioninfo, with -shared and without $(LIBS).
54 - Patch from Robert Edmonds fixes hyphens in unbound-anchor man page.
55 - Removed 'increased limit open files' log message that is written
56 to console. It is only written on verbosity 4 and higher.
57 This keeps system bootup console cleaner.
58 - Patch from James Raftery, always print stats for rcodes 0..5.
59
6011 November 2014: Wouter
61 - iana portlist update.
62 - Fix bug where forward or stub addresses with same address but
63 different port number were not tried.
64 - version number in svn trunk is 1.5.0
65 - tag 1.5.0rc1
66 - review fix from Ralph.
67
687 November 2014: Wouter
69 - dnstap fixes by Robert Edmonds:
70 dnstap/dnstap.m4: cosmetic fixes
71 dnstap/: Remove compiled protoc-c output files
72 dnstap/dnstap.m4: Error out if required libraries are not found
73 dnstap: Fix ProtobufCBufferSimple usage that is incorrect as of
74 protobuf-c 1.0.0
75 dnstap/: Adapt to API changes in latest libfstrm (>= 0.2.0)
76
774 November 2014: Wouter
78 - Add ub_ctx_add_ta_autr function to add a RFC5011 automatically
79 tracked trust anchor to libunbound.
80 - Redefine internal minievent symbols to unique symbols that helps
81 linking on platforms where the linker leaks names across modules.
82
8327 October 2014: Wouter
84 - Disabled use of SSLv3 in remote-control and ssl-upstream.
85 - iana portlist update.
86
8716 October 2014: Wouter
88 - Documented dns64 configuration in unbound.conf man page.
89
9013 October 2014: Wouter
91 - Fix #617: in ldns in unbound, lowercase WKS services.
92 - Fix ctype invocation casts.
93
9410 October 2014: Wouter
95 - Fix unbound-checkconf check for module config with dns64 module.
96 - Fix unbound capsforid fallback, it ignores TTLs in comparison.
97
986 October 2014: Wouter
99 - Fix #614: man page variable substitution bug.
1006 October 2014: Willem
101 - Whitespaces after $ORIGIN are not part of the origin dname (ldns).
102 - $TTL's value starts at position 5 (ldns).
103
1041 October 2014: Wouter
105 - fix #613: Allow tab ws in var length last rdfs (in ldns str2wire).
106
10729 September 2014: Wouter
108 - Fix #612: create service with service.conf in present directory and
109 auto load it.
110 - Fix for mingw compile openssl ranlib.
111
11225 September 2014: Wouter
113 - updated configure and aclocal with newer autoconf 1.13.
114
11522 September 2014: Wouter
116 - Fix swig and python examples for Python 3.x.
117 - Fix for mingw compile with openssl-1.0.1i.
118
11919 September 2014: Wouter
120 - improve python configuration detection to build on Fedora 22.
121
12218 September 2014: Wouter
123 - patches to also build with Python 3.x (from Pavel Simerda).
124
12516 September 2014: Wouter
126 - Fix tcp timer waiting list removal code.
127 - iana portlist update.
128 - Updated the TCP_BACLOG from 5 to 256, so that the tcp accept queue
129 is longer and more tcp connections can be handled.
130
13115 September 2014: Wouter
132 - Fix unit test for CDS typecode.
133
1345 September 2014: Wouter
135 - type CDS and CDNSKEY types in sldns.
136
13725 August 2014: Wouter
138 - Fixup checklock code for log lock and its mutual initialization
139 dependency.
140 - iana portlist update.
141 - Removed necessity for pkg-config from the dnstap.m4, new are
142 the --with-libfstrm and --with-protobuf-c configure options.
143
14419 August 2014: Wouter
145 - Update unbound manpage with more explanation (from Florian Obser).
146
14718 August 2014: Wouter
148 - Fix #603: unbound-checkconf -o <option> should skip verification
149 checks.
150 - iana portlist update.
151 - Fixup doc/unbound.doxygen to remove obsolete 1.8.7 settings.
152
1535 August 2014: Wouter
154 - dnstap support, with a patch from Farsight Security, written by
155 Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
156 It is BSD licensed (see dnstap/dnstap.c).
157 Building with --enable-dnstap needs pkg-config with this patch.
158 - Noted dnstap in doc/README and doc/CREDITS.
159 - Changes to the dnstap patch.
160 - lint fixes.
161 - dnstap/dnstap_config.h should not have been added to the repo,
162 because is it generated.
163
1641 August 2014: Wouter
165 - Patch add msg, rrset, infra and key cache sizes to stats command
166 from Maciej Soltysiak.
167 - iana portlist update.
168
16931 July 2014: Wouter
170 - DNS64 from Viagenie (BSD Licensed), written by Simon Perrault.
171 Initial commit of the patch from the FreeBSD base (with its fixes).
172 This adds a module (for module-config in unbound.conf) dns64 that
173 performs DNS64 processing, see README.DNS64.
174 - Changes from DNS64:
175 strcpy changed to memmove.
176 arraybound check fixed from prefix_net/8/4 to prefix_net/8+4.
177 allocation of result consistently in the correct region.
178 time_t is now used for ttl in unbound (since the patch's version).
179 - testdata/dns64_lookup.rpl for unit test for dns64 functionality.
180
18129 July 2014: Wouter
182 - Patch from Dag-Erling Smorgrav that implements feature, unbound -dd
183 does not fork in the background and also logs to stderr.
184
18521 July 2014: Wouter
186 - Fix endian.h include for OpenBSD.
187
18816 July 2014: Wouter
189 - And Fix#596: Bail out of unbound-control dump_infra when ssl
190 write fails.
191
19215 July 2014: Wouter
193 - Fix #596: Bail out of unbound-control list_local_zones when ssl
194 write fails.
195 - iana portlist update.
196
19713 July 2014: Wouter
198 - Configure tests if main can be linked to from getentropy compat.
199
20012 July 2014: Wouter
201 - Fix getentropy compat code, function refs were not portable.
202 - Fix to check openssl version number only for OpenSSL.
203 - LibreSSL provides compat items, check for that in configure.
204 - Fix bug in fix for log locks that caused deadlock in signal handler.
205 - update compat/getentropy and arc4random to the most recent ones from OpenBSD.
206
20711 July 2014: Matthijs
208 - fake-rfc2553 patch (thanks Benjamin Baier).
209
21011 July 2014: Wouter
211 - arc4random in compat/ and getentropy, explicit_bzero, chacha for
212 dependencies, from OpenBSD. arc4_lock and sha512 in compat.
213 This makes arc4random available on all platforms, except when
214 compiled with LIBNSS (it uses libNSS crypto random).
215 - fix strptime implicit declaration error on OpenBSD.
216 - arc4random, getentropy and explicit_bzero compat for Windows.
217
2184 July 2014: Wouter
219 - Fix #593: segfault or crash upon rotating logfile.
220
2213 July 2014: Wouter
222 - DLV tests added.
223 - signit tool fixup for compile with libldns library.
224 - iana portlist updated.
225
22627 June 2014: Wouter
227 - so-reuseport is available on BSDs(such as FreeBSD 10) and OS/X.
228
22926 June 2014: Wouter
230 - unbound-control status reports if so-reuseport was successful.
231 - iana portlist updated.
232
23324 June 2014: Wouter
234 - Fix caps-for-id fallback, and added fallback attempt when servers
235 drop 0x20 perturbed queries.
236 - Fixup testsetup for VM tests (run testcode/run_vm.sh).
237
23817 June 2014: Wouter
239 - iana portlist updated.
240
2413 June 2014: Wouter
242 - Add AAAA for B root server to default root hints.
243
2442 June 2014: Wouter
245 - Remove unused define from iterator.h
246
24730 May 2014: Wouter
248 - Fixup sldns_enum_edns_option typedef definition.
249
25028 May 2014: Wouter
251 - Code cleanup patch from Dag-Erling Smorgrav, with compiler issue
252 fixes from FreeBSD's copy of Unbound, he notes:
253 Generate unbound-control-setup.sh at build time so it respects
254 prefix and sysconfdir from the configure script. Also fix the
255 umask to match the comment, and the comment to match the umask.
256 Add const and static where needed. Use unions instead of
257 playing pointer poker. Move declarations that are needed in
258 multiple source files into a shared header. Move sldns_bgetc()
259 from parse.c to buffer.c where it belongs. Introduce a new
260 header file, worker.h, which declares the callbacks that
261 all workers must define. Remove those declarations from
262 libworker.h. Include the correct headers in the correct places.
263 Fix a few dummy callbacks that don't match their prototype.
264 Fix some casts. Hide the sbrk madness behind #ifdef HAVE_SBRK.
265 Remove a useless printf which breaks reproducible builds.
266 Get rid of CONFIGURE_{TARGET,DATE,BUILD_WITH} now that they're
267 no longer used. Add unbound-control-setup.sh to the list of
268 generated files. The prototype for libworker_event_done_cb()
269 needs to be moved from libunbound/libworker.h to
270 libunbound/worker.h.
271 - Fixup out-of-directory compile with unbound-control-setup.sh.in.
272 - make depend.
273
27423 May 2014: Wouter
275 - unbound-host -D enabled dnssec and reads root trust anchor from
276 the default root key file that was compiled in.
277
27820 May 2014: Wouter
279 - Feature, unblock-lan-zones: yesno that you can use to make unbound
280 perform 10.0.0.0/8 and other reverse lookups normally, for use if
281 unbound is running service for localhost on localhost.
282
28316 May 2014: Wouter
284 - Updated create_unbound_ad_servers and unbound_cache scripts from
285 Yuri Voinov in the source/contrib directory. Added
286 warmup.cmd (and .sh): warm up the DNS cache with your MRU domains.
287
2889 May 2014: Wouter
289 - Implement draft-ietf-dnsop-rfc6598-rfc6303-01.
290 - iana portlist updated.
291
2928 May 2014: Wouter
293 - Contrib windows scripts from Yuri Voinov added to src/contrib:
294 create_unbound_ad_servers.cmd: enters anti-ad server lists.
295 unbound_cache.cmd: saves and loads the cache.
296 - Added unbound-control-setup.cmd from Yuri Voinov to the windows
297 unbound distribution set. It requires openssl installed in %PATH%.
298
2996 May 2014: Wouter
300 - Change MAX_SENT_COUNT from 16 to 32 to resolve some cases easier.
301
3025 May 2014: Wouter
303 - More #567: remove : from output of stub and forward lists, this is
304 easier to parse.
305
30629 April 2014: Wouter
307 - iana portlist updated.
308 - Add unbound-control flush_negative that flushed nxdomains, nodata,
309 and errors from the cache. For dnssec-trigger and NetworkManager,
310 fixes cases where network changes have localdata that was already
311 negatively cached from the previous network.
312
31323 April 2014: Wouter
314 - Patch from Jeremie Courreges-Anglas to use arc4random_uniform
315 if available on the OS, it gets entropy from the OS.
316
31715 April 2014: Wouter
318 - Fix compile with libevent2 on FreeBSD.
319
32011 April 2014: Wouter
321 - Fix #502: explain that do-ip6 disable does not stop AAAA lookups,
322 but it stops the use of the ipv6 transport layer for DNS traffic.
323 - iana portlist updated.
324
32510 April 2014: Wouter
326 - iana portlist updated.
327 - Patch from Hannes Frederic Sowa for Linux 3.15 fragmentation
328 option for DNS fragmentation defense.
329 - Document that dump_requestlist only prints queries from thread 0.
330 - unbound-control stats prints num.query.tcpout with number of TCP
331 outgoing queries made in the previous statistics interval.
332 - Fix #567: unbound lists if forward zone is secure or insecure with
333 +i annotation in output of list_forwards, also for list_stubs
334 (for NetworkManager integration.)
335 - Fix #554: use unsigned long to print 64bit statistics counters on
336 64bit systems.
337 - Fix #558: failed prefetch lookup does not remove cached response
338 but delays next prefetch (in lieu of caching a SERVFAIL).
339 - Fix #545: improved logging, the ip address of the error is printed
340 on the same log-line as the error.
341
3428 April 2014: Wouter
343 - Fix #574: make test fails on Ubuntu 14.04. Disabled remote-control
344 in testbound scripts.
345 - iana portlist updated.
346
3477 April 2014: Wouter
348 - C.ROOT-SERVERS.NET has an IPv6 address, and we updated the root
349 hints (patch from Anand Buddhdev).
350 - Fix #572: Fix unit test failure for systems with different
351 /etc/services.
352
35328 March 2014: Wouter
354 - Fix #569: do_tcp is do-tcp in unbound.conf man page.
355
35625 March 2014: Wouter
357 - Patch from Stuart Henderson to build unbound-host man from .1.in.
358
35924 March 2014: Wouter
360 - Fix print filename of encompassing config file on read failure.
361
|