unbound: Vendor import 1.20.0

Release notes at
https://www.nlnetlabs.nl/news/2024/May/08/unbound-1.20.0-released/

Security: The DNSBomb vulnerability CVE-2024-33655

Merge commit 'c2a80056864d6eda0398fd127dc0ae515b39752b' into main

unbound: Vendor import 1.18.0

Release notes at
https://www.nlnetlabs.nl/news/2023/Aug/30/unbound-1.18.0-released/

MFC after: 2 weeks

Merge commit '401770e05c71ecb5ae61a59d316069b4b78bf622' into main

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

MFV r367082:

Update unbound 1.11.0 --> 1.12.0.

MFC after: 1 month.

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.6.4. More to follow.

Upgrade Unbound to 1.6.2. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Minimal subset of the unbound sources.

unbound: Vendor import 1.18.0

Release notes at
https://www.nlnetlabs.nl/news/2023/Aug/30/unbound-1.18.0-released/

MFC after: 2 weeks

Merge commit '401770e05c71ecb5ae61a59d316069b4b78bf622' into main

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

MFV r367082:

Update unbound 1.11.0 --> 1.12.0.

MFC after: 1 month.

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.6.4. More to follow.

Upgrade Unbound to 1.6.2. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Minimal subset of the unbound sources.

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

MFV r367082:

Update unbound 1.11.0 --> 1.12.0.

MFC after: 1 month.

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.6.4. More to follow.

Upgrade Unbound to 1.6.2. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Minimal subset of the unbound sources.

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

MFV r367082:

Update unbound 1.11.0 --> 1.12.0.

MFC after: 1 month.

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.6.4. More to follow.

Upgrade Unbound to 1.6.2. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Minimal subset of the unbound sources.