| non port: dns/unbound/distinfo |
|
SVNWeb
|
Number of commits found: 83 |
|
Fri, 13 Jan 2023
|
[ 21:12 Brad Davis (brd)  ]    850f050
dns/unbound: Update to 1.17.1
The release notes can be found at:
https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-17-1
PR: 268913
Approved by: jaap@NLnetLabs.nl (maintainer)
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
|
Sun, 16 Oct 2022
|
[ 17:37 Fernando Apesteguía (fernape) Author: Jaap Akkerhuis ] 7b0d6de
dns/unbound: Update to 1.17.0
ChangeLog: https://www.nlnetlabs.nl/news/2022/Oct/13/unbound-1.17.0-released/
Remove additional MASTER_SITES (certificate error)
PR: 267018
Reported by: jaap@NLnetLabs.nl (maintainer)
Reviewed by: diizzy@
|
|
Thu, 29 Sep 2022
|
[ 05:39 Fernando Apesteguía (fernape) Author: Herbert J. Skuhra ] 2efbd2b
dns/unbound: Update to 1.16.3
ChangeLog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/
Fixes Non-Responsive Delegation Attack.
PR: 266654
Reported by: herbert@gojira.at
Approved by: jaap@NLnetLabs.nl (maintainer)
Security: CVE-2022-3204
|
|
Fri, 5 Aug 2022
|
[ 18:58 Bernard Spil (brnrd) ] 9ed08e8
dns/unbound: Security update to 1.6.2
PR: 265645
Reported by: Jaap Akkerhuis <jaap NLnetLabs nl> (maintainer)
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFH: 2022Q3
|
|
Tue, 12 Jul 2022
|
[ 17:47 Fernando Apesteguía (fernape) Author: Jaap Akkerhuis ] 0046203
dns/unbound: Update to 1.16.1
ChangeLog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-1
PR: 265151
Reported by: jaap@NLnetLabs.nl (maintainer)
MFH: 2022Q3 (bugfixes)
|
|
Wed, 8 Jun 2022
|
[ 10:33 Li-Wen Hsu (lwhsu) Author: Jaap Akkerhuis ] 993f58d
dns/unbound: Update to 1.16.0
This release has EDE support, for extended EDNS error reporting,
it fixes unsupported ZONEMD algorithms to load, and has more bug fixes.
The EDE errors can be turned on by `ede: yes`, it is default disabled.
Validation errors and other errors are then reported. If you also want
stale answers for expired responses to have an error code, the option
`ede-serve-expired: yes` can be used.
On request, the port now also has dnscrypt support default enabled.
PR: 264538
|
|
Thu, 17 Feb 2022
|
[ 21:21 Dries Michiels (driesm) Author: Jaap Akkerhuis ] cfd10e7
dns/unbound: Update to 1.15.0
[The Makefile of the port got cleaned up to make portfmt happy]
This release has bug fixes for crashes that happened on heavy network
usage. The default for the aggressive-nsec option has changed, it is now
enabled.
The ratelimit logic had to be reworked for the crash fixes. As a result,
there are new options to control the behaviour of ratelimiting.
The ratelimit-backoff and ip-ratelimit-backoff options can be used to
control how severe the backoff is when the ratelimit is exceeded.
The rpz-signal-nxdomain-ra option can be used to unset the RA flag, for
NXDOMAIN answers from RPZ. That is used by some clients to detect that (Only the first 15 lines of the commit message are shown above  )
|
|
Tue, 14 Dec 2021
|
[ 21:06 Cy Schubert (cy) Author: Jaap Akkerhuis ] 0d90eb7
dns/unbound: Update to 1.14.0
Changelog:
This release contains bug fixes and a full set of RPZ triggers and
actions that are supported. This works with RPZ zones, configured with
`rpz:`.
It is possible to selectively enable use of TCP for stub zones and
forward zones, without having enable it server wide, by enabling it
with the `stub-tcp-upstream: yes` and `forward-tcp-upstream: yes` options.
The added contrib/Dockerfile.tests from ziollek can be used to setup
a Docker environment to run tests in. The documentation is in the
doc/README.tests file. (Only the first 15 lines of the commit message are shown above )
|
|
Mon, 16 Aug 2021
|
[ 23:18 Renato Botelho (garga) Author: Jaap Akkerhuis ] 42ac7e7
dns/unbound: Update to 1.13.2
Added a new option DEP-RSA1024 to enable --with-deprecate-rsa-1024
Changelog:
- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
ZONEMD records are checked for zones loaded as auth-zone,
with DNSSEC if available. There is an added option
zonemd-permissive-mode that makes it log but not fail wrong zones.
With zonemd-reject-absence for an auth-zone the presence of a
zonemd can be mandated for specific zones.
- Fix: Resolve interface names on control-interface too.
- Merge #470 from edevil: Allow configuration of persistent TCP
connections. (Only the first 15 lines of the commit message are shown above )
|
|
Tue, 9 Feb 2021
|
[ 19:49 nc ]  
dns/unbound: Update to 1.13.1
Changes: https://nlnetlabs.nl/news/2021/Feb/09/unbound-1.13.1-released/
PR: 253376
Submitted by: Jaap Akkerhuis <jaap AT NLnetLabs DOT nl> (maintainer)
|
|
Sat, 12 Dec 2020
|
[ 16:54 brnrd ]
dns/unbound: Security update to 1.13.0
* Sort options and port_docs while here
PR: 251563
Submitted by: Jaap Akkerhuis <jaap nlnetlabs nl> (maintainer)
Approved by: maintainer (implicit)
MFH: 2020Q4
Security: 388ebb5b-3c95-11eb-929d-d4c9ef517024
|
|
Mon, 12 Oct 2020
|
[ 15:33 garga ]
dns/unbound: Update to 1.12.0
PR: 250199
Submitted by: maintainer
Sponsored by: Rubicon Communications, LLC (Netgate)
|
|
Fri, 21 Aug 2020
|
[ 14:17 lwhsu ]
dns/unbound: Update to 1.11.0
PR: 248808
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
Tue, 19 May 2020
|
[ 19:02 delphij ]
dns/unbound: update to 1.10.1.
PR: 246569
Submitted by: Jaap Akkerhuis (maintainer)
MFH: 2020Q2
Security: CVE-2020-12662, CVE-2020-12663
|
|
Sat, 22 Feb 2020
|
[ 13:59 pi ]
dns/unbound: update 1.9.6 -> 1.10.0
PR: 244244
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Relnotes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244244#c0
|
|
Mon, 16 Dec 2019
|
[ 09:44 joneum ]
Update to 1.9.6
PR: 242603
Sponsored by: Netzkommune GmbH
|
|
Sat, 23 Nov 2019
|
[ 12:54 joneum ]
Update to 1.9.5
Changelog:
https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module
PR: 242075
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH: 2019Q4
Sponsored by: Netzkommune GmbH
|
|
Thu, 3 Oct 2019
|
[ 19:28 sunpoet ]
Update to 1.9.4
Changes: https://github.com/NLnetLabs/unbound/blob/master/doc/Changelog
PR: 241033
Reported by: C <cm@appliedprivacy.net>
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Security: 108a4be3-e612-11e9-9963-5f1753e0aca0
MFH: 2019Q4
|
|
Mon, 2 Sep 2019
|
[ 16:31 swills ]
dns/unbound: update to 1.9.3
Whil here, improve rc script
PR: 240163
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
Wed, 19 Jun 2019
|
[ 04:56 joneum ]
Update to 1.9.2
PR: 238651
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by: Netzkommune GmbH
|
|
Mon, 18 Mar 2019
|
[ 11:35 swills ]
dns/unbound: update to 1.9.1
PR: 236575
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
Tue, 5 Feb 2019
|
[ 14:27 sunpoet ]
Update to 1.9.0
Changes: https://www.nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog
PR: 235522
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
Wed, 26 Dec 2018
|
[ 22:20 swills ]
dns/unbound: Update to 1.8.3
PR: 233933
Submitted by: jaap@NLnetLabs.nl
|
|
Sun, 9 Dec 2018
|
[ 01:06 swills ]
dns/unbound: Update to 1.8.2
PR: 233796
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Mon, 8 Oct 2018
|
[ 17:29 swills ]
dns/unbound upgrade to 1.8.1
PR: 232070
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Tue, 18 Sep 2018
|
[ 18:24 swills ]
dns/unbound: update to 1.8.0
Bump PORTREVISION on consumers due to library major version change
PR: 231283
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Thu, 21 Jun 2018
|
[ 21:12 sunpoet ]
Update to 1.7.3
Changes: https://www.nlnetlabs.nl/svn/unbound/tags/release-1.7.3/doc/Changelog
PR: 229202
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
Thu, 14 Jun 2018
|
[ 23:22 swills ]
dns/unbound: upgrade to 1.7.2
PR: 228889
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Thu, 10 May 2018
|
[ 14:50 miwi ]
- Update to 2.5.9
- Update WWW
PR: 227949
Submitted by: maintainer
Sponsored by: iXsystems Inc.
|
|
Wed, 21 Mar 2018
|
[ 17:00 pi ]
dns/unbound: upgrade 1.6.8 -> 1.7.0
Features
- auth-zone provides a way to configure RFC7706 from unbound.conf,
eg. with auth-zone: name: "." for-downstream: no for-upstream: yes
fallback-enabled: yes and masters or a zonefile with data.
- Aggressive use of NSEC implementation. Use cached NSEC records to
generate NXDOMAIN, NODATA and positive wildcard answers.
- Accept tls-upstream in unbound.conf, the ssl-upstream keyword is
also recognized and means the same. Also for tls-port,
tls-service-key, tls-service-pem, stub-tls-upstream and
forward-tls-upstream.
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
from Manu Bretelle.
This option allows handling multiple cert/key pairs while only (Only the first 15 lines of the commit message are shown above )
|
|
Fri, 19 Jan 2018
|
[ 16:27 dbaio ]
dns/unbound: Update to 1.6.8, Fixes security vulnerability
PR: 225313
Submitted by: jaap@NLnetLabs.nl (maintainer)
MFH: 2018Q1
Security: 8d3bae09-fd28-11e7-95f2-005056925db4
|
|
Thu, 12 Oct 2017
|
[ 14:44 dbaio ]
dns/unbound: Update to 1.6.7
Changes: http://www.unbound.net/pipermail/unbound-users/2017-October/004972.html
PR: 222941
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Fri, 22 Sep 2017
|
[ 00:51 dbaio ]
dns/unbound: Update to 1.6.6
Changes: http://www.unbound.net/pipermail/unbound-users/2017-September/004936.html
PR: 222503
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Mon, 21 Aug 2017
|
[ 21:45 swills ]
dns/unbound: Upgrade to 1.6.5
PR: 221692
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Wed, 12 Jul 2017
|
[ 22:44 dbaio ]
dns/unbound: Update to 1.6.4
Changes: http://www.unbound.net/pipermail/unbound-users/2017-June/004818.html
PR: 220673
Submitted by: jaap@NLnetLabs.nl (maintainer)
Approved by: garga (mentor, implicit)
|
|
Tue, 13 Jun 2017
|
[ 20:37 adamw ]
Update unbound to 1.6.3.
This release fixes a spurious assertion failure when unbound receives a
malformed packet with 0x20 enabled.
Bug Fixes
- Fix #1280: Unbound fails assert when response from authoritative
contains malformed qname. When 0x20 caps-for-id is enabled, when
assertions are not enabled the malformed qname is handled correctly.
PR: 219958
Submitted by: maintainer (jaap NLnetLabs nl)
|
|
Sat, 29 Apr 2017
|
[ 20:59 pi ]
dns/unbound: update 1.6.1 -> 1.6.2
PR: 218872
Changes: http://www.unbound.net/pipermail/unbound-users/2017-April/004762.html
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Wed, 8 Mar 2017
|
[ 01:48 wen ]
- Update to 1.6.1
PR: 217614
Submitted by: jaap@NLnetLabs.nl(maintainer)
|
|
Sat, 17 Dec 2016
|
[ 13:20 sunpoet ]
- Update to 1.6.0
- Do not silence installation message
- While I'm here:
- Move LIB_DEPENDS upwards
- Use = instead of += for CONFIGURE_ARGS and USES
- Convert to options helper
- Use TEST_TARGET
Changes: https://unbound.nlnetlabs.nl/pipermail/unbound-users/2016-December/004587.html
PR: 215322
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
Sun, 2 Oct 2016
|
[ 10:30 pawel ]
Update to version 1.5.10
In this release there is a fix for long downtime after connectivity
loss, which was a longstanding unsolved issue. Features for tcp, TCP
Fast Open and timeout pressure to close connections when the tcp
connections are getting full. Option to use ipv6 /64 for extra entropy.
Features
- Create a pkg-config file for libunbound in contrib.
- TCP Fast open patch from Sara Dickinson.
- Finegrained localzone control with define-tag, access-control-tag,
access-control-tag-action, access-control-tag-data, local-zone-tag, and
local-zone-override. And added types always_transparent, always_refuse,
always_nxdomain with that.
- If more than half of tcp connections are in use, a shorter timeout (Only the first 15 lines of the commit message are shown above )
|
|
Sat, 18 Jun 2016
|
[ 21:53 rm ]
dns/unbound: update to 1.5.9
PR: 210257
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
|
Tue, 15 Mar 2016
|
[ 06:19 ohauer ]
- Update unbound to version 1.5.8
- add OPTION for DNSTAP logging support
- rename OPTION s/MUNIN/MUNIN_PLUGIN/ so it is consistent with nsd
- use OPTIONS_SUB
- use ${opt}_target
- use @sample macro for unbound.conf
- sort pkg-plist
Features
- ip-transparent option for FreeBSD with IP_BINDANY socket option.
- insecure-lan-zones: yesno config option, patch from Dag-Erling Smorgrav.
- RR Type CSYNC support RFC 7477, in debug printout and config input.
- RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf, patch(Only the first 15 lines of the commit message are shown above )
|
|
Thu, 4 Feb 2016
|
[ 15:58 erwin ]
- Update unbound to 1.5.7
- Bump PORTREVISIOn on dependent ports
Some Upgrade Notes:
This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.
Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the (Only the first 15 lines of the commit message are shown above )
|
|
Sun, 11 Oct 2015
|
[ 12:58 sem ]
- Update to 1.5.5
|
|
Mon, 17 Aug 2015
|
[ 19:31 sem ]
- Update to 1.5.4
- Disable FILTER_AAAA option. The patch is obsolated.
PR: 202385
Submitted by: edwin
|
|
Thu, 12 Mar 2015
|
[ 14:47 sem ]
- Update to 1.5.3
PR: 198538
Submitted by: garga
|
|
Thu, 19 Feb 2015
|
[ 17:55 sem ]
- Update to 1.5.2
|
|
Tue, 9 Dec 2014
|
[ 02:18 sem ]
- Upgrade to 1.5.1. It fixes CVE-2014-8602.
- Mark python support as broken: does not build.
PR: 195814, 195803
Submitted by: Kenji Rikitake, Jeroen
|
|
Fri, 5 Dec 2014
|
[ 18:52 sem ]
- Update to 1.5.0
- Removed FreeBSD 10 check for libevent, because of upstream fixes (as stated in
changelog)
- Converted files/patch-Makefile.in to sed patch, which is position independent
PR: 195674
Submitted by: lightside@gmx.com
|
|
Thu, 13 Mar 2014
|
[ 11:07 sem ]
- Update to 1.4.22
|
|
Mon, 23 Sep 2013
|
[ 02:39 sem ]
- Update to 1.4.21
|
|
Mon, 25 Mar 2013
|
[ 16:03 sem ]
- Update to 1.4.20
|
|
Fri, 14 Dec 2012
|
[ 13:56 sem ]
- Update to 1.1.19
|
|
Fri, 3 Aug 2012
|
[ 10:05 sem ]
- Update to 1.4.18
|
|
Thu, 24 May 2012
|
[ 15:02 sem ]
- Update to 1.4.17
* Use ECDSA by default
* Add a hack to build ldns with ECDSA support if it's not installed
Feature safe: Yes
|
|
Thu, 2 Feb 2012
|
[ 13:53 sem ]
- Update to 1.4.16
* Bugfix release
|
|
Thu, 26 Jan 2012
|
[ 13:44 sem ]
- Update to 1.4.15
* Fixed a little memory leak
* Couple other bugs fixed
- Run unbound-checkconf before start.
|
|
Mon, 19 Dec 2011
|
[ 13:44 sem ]
- Update to 1.4.14
* CVE-2011-4528 fixed
|
|
Thu, 15 Sep 2011
|
[ 12:04 sem ]
- Update to 1.4.13
|
|
Fri, 15 Jul 2011
|
[ 12:53 sem ]
- Update to 1.4.12 (a bugfix release)
- Disable GOST by default
- Depend on dns/ldns
|
|
Fri, 1 Jul 2011
|
[ 14:46 sem ]
- Update to 1.4.11
|
|
Wed, 25 May 2011
|
[ 09:30 sem ]
- Update to 1.4.10
* CVE-2011-1922 VU#531342 fixed
|
|
Thu, 24 Mar 2011
|
[ 13:24 sem ]
- Update to 1.4.9
|
|
Mon, 24 Jan 2011
|
[ 16:19 sem ]
- Update to 1.4.8
Feature safe: yes
|
|
Tue, 9 Nov 2010
|
[ 14:09 sem ]
- Update to 1.4.7
* It uses GOST by default and depends on port's openssl 1.0.0
(may be turned off by an option).
|
|
Wed, 4 Aug 2010
|
[ 11:06 sem ]
- Update to 1.4.6
|
|
Tue, 15 Jun 2010
|
[ 15:46 sem ]
- Update to 1.4.5
|
|
Thu, 22 Apr 2010
|
[ 12:06 sem ]
- Update to 1.4.4
* mistly bugs fix release
* ECC-GOST is not supported by the port yet because of it requires
OpenSSL 1.0.0 from ports. (There is in TODO).
|
|
Fri, 12 Mar 2010
|
[ 12:54 sem ]
- Update to 1.4.3
|
|
Thu, 17 Dec 2009
|
[ 12:45 sem ]
- Update to 1.4.1
- Use --disable-sha2 on 6.4 because of broken OpenSSL in base.
|
|
Thu, 26 Nov 2009
|
[ 15:19 sem ]
- Update to 1.4.0
|
|
Tue, 17 Nov 2009
|
[ 14:38 sem ]
- Update to 1.3.4
PR: ports/140639
Submitted by: Kurt Jaeger <pi at fa8.opsec.eu>
|
|
Wed, 5 Aug 2009
|
[ 17:21 sem ]
- Update to 1.3.3
|
|
Thu, 9 Jul 2009
|
[ 17:38 sem ]
- Update to 1.3.1
|
|
Tue, 16 Jun 2009
|
[ 13:35 sem ]
- Update to 1.3.0
|
|
Tue, 10 Feb 2009
|
[ 14:05 sem ]
- Update to 1.2.1
|
|
Wed, 14 Jan 2009
|
[ 08:49 sem ]
- Update to 1.2.0
Bugs fix release. Includes important security fix.
|
|
Thu, 20 Nov 2008
|
[ 19:39 sem ]
- Update to 1.1.1
Urgent bugs fix release.
|
|
Wed, 19 Nov 2008
|
[ 20:59 sem ]
- Update to 1.1.0
|
|
Thu, 7 Aug 2008
|
[ 10:45 sem ]
- Update to 1.0.2
|
|
Wed, 16 Jul 2008
|
[ 19:43 sem ]
- Update to 1.0.1
|
|
Wed, 21 May 2008
|
[ 17:12 sem ]
- Update to 1.0
|
|
Tue, 29 Apr 2008
|
[ 07:35 sem ]
- New port: dns/unbound
Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run as
a server, but are linked into an application) are easily possible.
Goals:
* A validating recursive DNS resolver.
* Code diversity in the DNS resolver monoculture.
* Drop-in replacement for BIND apart from config.
* DNSSEC support.
* Fully RFC compliant.
* High performance
o even with validation.
* Used as(Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 83 |
As an Amazon Associate I earn from qualifying purchases.