non port: dns/unbound/pkg-plist |
SVNWeb
|
Number of commits found: 65 |
Fri, 13 Jan 2023
|
[ 21:12 Brad Davis (brd) ] 850f050
dns/unbound: Update to 1.17.1
The release notes can be found at:
https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-17-1
PR: 268913
Approved by: jaap@NLnetLabs.nl (maintainer)
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
Sun, 16 Oct 2022
|
[ 17:37 Fernando Apesteguía (fernape) Author: Jaap Akkerhuis ] 7b0d6de
dns/unbound: Update to 1.17.0
ChangeLog: https://www.nlnetlabs.nl/news/2022/Oct/13/unbound-1.17.0-released/
Remove additional MASTER_SITES (certificate error)
PR: 267018
Reported by: jaap@NLnetLabs.nl (maintainer)
Reviewed by: diizzy@
|
Thu, 29 Sep 2022
|
[ 05:39 Fernando Apesteguía (fernape) Author: Herbert J. Skuhra ] 2efbd2b
dns/unbound: Update to 1.16.3
ChangeLog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/
Fixes Non-Responsive Delegation Attack.
PR: 266654
Reported by: herbert@gojira.at
Approved by: jaap@NLnetLabs.nl (maintainer)
Security: CVE-2022-3204
|
Fri, 5 Aug 2022
|
[ 18:58 Bernard Spil (brnrd) ] 9ed08e8
dns/unbound: Security update to 1.6.2
PR: 265645
Reported by: Jaap Akkerhuis <jaap NLnetLabs nl> (maintainer)
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFH: 2022Q3
|
Tue, 12 Jul 2022
|
[ 17:47 Fernando Apesteguía (fernape) Author: Jaap Akkerhuis ] 0046203
dns/unbound: Update to 1.16.1
ChangeLog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-1
PR: 265151
Reported by: jaap@NLnetLabs.nl (maintainer)
MFH: 2022Q3 (bugfixes)
|
Wed, 8 Jun 2022
|
[ 10:33 Li-Wen Hsu (lwhsu) Author: Jaap Akkerhuis ] 993f58d
dns/unbound: Update to 1.16.0
This release has EDE support, for extended EDNS error reporting,
it fixes unsupported ZONEMD algorithms to load, and has more bug fixes.
The EDE errors can be turned on by `ede: yes`, it is default disabled.
Validation errors and other errors are then reported. If you also want
stale answers for expired responses to have an error code, the option
`ede-serve-expired: yes` can be used.
On request, the port now also has dnscrypt support default enabled.
PR: 264538
|
Thu, 17 Feb 2022
|
[ 21:21 Dries Michiels (driesm) Author: Jaap Akkerhuis ] cfd10e7
dns/unbound: Update to 1.15.0
[The Makefile of the port got cleaned up to make portfmt happy]
This release has bug fixes for crashes that happened on heavy network
usage. The default for the aggressive-nsec option has changed, it is now
enabled.
The ratelimit logic had to be reworked for the crash fixes. As a result,
there are new options to control the behaviour of ratelimiting.
The ratelimit-backoff and ip-ratelimit-backoff options can be used to
control how severe the backoff is when the ratelimit is exceeded.
The rpz-signal-nxdomain-ra option can be used to unset the RA flag, for
NXDOMAIN answers from RPZ. That is used by some clients to detect that (Only the first 15 lines of the commit message are shown above )
|
Tue, 14 Dec 2021
|
[ 21:06 Cy Schubert (cy) Author: Jaap Akkerhuis ] 0d90eb7
dns/unbound: Update to 1.14.0
Changelog:
This release contains bug fixes and a full set of RPZ triggers and
actions that are supported. This works with RPZ zones, configured with
`rpz:`.
It is possible to selectively enable use of TCP for stub zones and
forward zones, without having enable it server wide, by enabling it
with the `stub-tcp-upstream: yes` and `forward-tcp-upstream: yes` options.
The added contrib/Dockerfile.tests from ziollek can be used to setup
a Docker environment to run tests in. The documentation is in the
doc/README.tests file. (Only the first 15 lines of the commit message are shown above )
|
Mon, 16 Aug 2021
|
[ 23:18 Renato Botelho (garga) Author: Jaap Akkerhuis ] 42ac7e7
dns/unbound: Update to 1.13.2
Added a new option DEP-RSA1024 to enable --with-deprecate-rsa-1024
Changelog:
- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
ZONEMD records are checked for zones loaded as auth-zone,
with DNSSEC if available. There is an added option
zonemd-permissive-mode that makes it log but not fail wrong zones.
With zonemd-reject-absence for an auth-zone the presence of a
zonemd can be mandated for specific zones.
- Fix: Resolve interface names on control-interface too.
- Merge #470 from edevil: Allow configuration of persistent TCP
connections. (Only the first 15 lines of the commit message are shown above )
|
Tue, 9 Feb 2021
|
[ 19:49 nc ]
dns/unbound: Update to 1.13.1
Changes: https://nlnetlabs.nl/news/2021/Feb/09/unbound-1.13.1-released/
PR: 253376
Submitted by: Jaap Akkerhuis <jaap AT NLnetLabs DOT nl> (maintainer)
|
Sat, 12 Dec 2020
|
[ 16:54 brnrd ]
dns/unbound: Security update to 1.13.0
* Sort options and port_docs while here
PR: 251563
Submitted by: Jaap Akkerhuis <jaap nlnetlabs nl> (maintainer)
Approved by: maintainer (implicit)
MFH: 2020Q4
Security: 388ebb5b-3c95-11eb-929d-d4c9ef517024
|
Mon, 12 Oct 2020
|
[ 15:33 garga ]
dns/unbound: Update to 1.12.0
PR: 250199
Submitted by: maintainer
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Fri, 21 Aug 2020
|
[ 14:17 lwhsu ]
dns/unbound: Update to 1.11.0
PR: 248808
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
Tue, 19 May 2020
|
[ 19:02 delphij ]
dns/unbound: update to 1.10.1.
PR: 246569
Submitted by: Jaap Akkerhuis (maintainer)
MFH: 2020Q2
Security: CVE-2020-12662, CVE-2020-12663
|
Sat, 22 Feb 2020
|
[ 13:59 pi ]
dns/unbound: update 1.9.6 -> 1.10.0
PR: 244244
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Relnotes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244244#c0
|
Mon, 16 Dec 2019
|
[ 09:44 joneum ]
Update to 1.9.6
PR: 242603
Sponsored by: Netzkommune GmbH
|
Sat, 23 Nov 2019
|
[ 12:54 joneum ]
Update to 1.9.5
Changelog:
https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module
PR: 242075
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH: 2019Q4
Sponsored by: Netzkommune GmbH
|
Thu, 3 Oct 2019
|
[ 19:28 sunpoet ]
Update to 1.9.4
Changes: https://github.com/NLnetLabs/unbound/blob/master/doc/Changelog
PR: 241033
Reported by: C <cm@appliedprivacy.net>
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Security: 108a4be3-e612-11e9-9963-5f1753e0aca0
MFH: 2019Q4
|
Mon, 2 Sep 2019
|
[ 16:31 swills ]
dns/unbound: update to 1.9.3
Whil here, improve rc script
PR: 240163
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
Wed, 19 Jun 2019
|
[ 04:56 joneum ]
Update to 1.9.2
PR: 238651
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by: Netzkommune GmbH
|
Mon, 18 Mar 2019
|
[ 11:35 swills ]
dns/unbound: update to 1.9.1
PR: 236575
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
Tue, 5 Feb 2019
|
[ 14:27 sunpoet ]
Update to 1.9.0
Changes: https://www.nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog
PR: 235522
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
Wed, 26 Dec 2018
|
[ 22:20 swills ]
dns/unbound: Update to 1.8.3
PR: 233933
Submitted by: jaap@NLnetLabs.nl
|
Sun, 9 Dec 2018
|
[ 01:06 swills ]
dns/unbound: Update to 1.8.2
PR: 233796
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Mon, 8 Oct 2018
|
[ 17:29 swills ]
dns/unbound upgrade to 1.8.1
PR: 232070
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Tue, 18 Sep 2018
|
[ 18:24 swills ]
dns/unbound: update to 1.8.0
Bump PORTREVISION on consumers due to library major version change
PR: 231283
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Thu, 21 Jun 2018
|
[ 21:12 sunpoet ]
Update to 1.7.3
Changes: https://www.nlnetlabs.nl/svn/unbound/tags/release-1.7.3/doc/Changelog
PR: 229202
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
Thu, 14 Jun 2018
|
[ 23:22 swills ]
dns/unbound: upgrade to 1.7.2
PR: 228889
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Thu, 10 May 2018
|
[ 14:50 miwi ]
- Update to 2.5.9
- Update WWW
PR: 227949
Submitted by: maintainer
Sponsored by: iXsystems Inc.
|
Wed, 21 Mar 2018
|
[ 17:00 pi ]
dns/unbound: upgrade 1.6.8 -> 1.7.0
Features
- auth-zone provides a way to configure RFC7706 from unbound.conf,
eg. with auth-zone: name: "." for-downstream: no for-upstream: yes
fallback-enabled: yes and masters or a zonefile with data.
- Aggressive use of NSEC implementation. Use cached NSEC records to
generate NXDOMAIN, NODATA and positive wildcard answers.
- Accept tls-upstream in unbound.conf, the ssl-upstream keyword is
also recognized and means the same. Also for tls-port,
tls-service-key, tls-service-pem, stub-tls-upstream and
forward-tls-upstream.
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
from Manu Bretelle.
This option allows handling multiple cert/key pairs while only (Only the first 15 lines of the commit message are shown above )
|
Fri, 19 Jan 2018
|
[ 16:27 dbaio ]
dns/unbound: Update to 1.6.8, Fixes security vulnerability
PR: 225313
Submitted by: jaap@NLnetLabs.nl (maintainer)
MFH: 2018Q1
Security: 8d3bae09-fd28-11e7-95f2-005056925db4
|
Thu, 12 Oct 2017
|
[ 14:44 dbaio ]
dns/unbound: Update to 1.6.7
Changes: http://www.unbound.net/pipermail/unbound-users/2017-October/004972.html
PR: 222941
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Fri, 22 Sep 2017
|
[ 00:51 dbaio ]
dns/unbound: Update to 1.6.6
Changes: http://www.unbound.net/pipermail/unbound-users/2017-September/004936.html
PR: 222503
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Mon, 21 Aug 2017
|
[ 21:45 swills ]
dns/unbound: Upgrade to 1.6.5
PR: 221692
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Wed, 12 Jul 2017
|
[ 22:44 dbaio ]
dns/unbound: Update to 1.6.4
Changes: http://www.unbound.net/pipermail/unbound-users/2017-June/004818.html
PR: 220673
Submitted by: jaap@NLnetLabs.nl (maintainer)
Approved by: garga (mentor, implicit)
|
Tue, 13 Jun 2017
|
[ 20:37 adamw ]
Update unbound to 1.6.3.
This release fixes a spurious assertion failure when unbound receives a
malformed packet with 0x20 enabled.
Bug Fixes
- Fix #1280: Unbound fails assert when response from authoritative
contains malformed qname. When 0x20 caps-for-id is enabled, when
assertions are not enabled the malformed qname is handled correctly.
PR: 219958
Submitted by: maintainer (jaap NLnetLabs nl)
|
Sat, 29 Apr 2017
|
[ 20:59 pi ]
dns/unbound: update 1.6.1 -> 1.6.2
PR: 218872
Changes: http://www.unbound.net/pipermail/unbound-users/2017-April/004762.html
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Wed, 8 Mar 2017
|
[ 01:48 wen ]
- Update to 1.6.1
PR: 217614
Submitted by: jaap@NLnetLabs.nl(maintainer)
|
Sat, 17 Dec 2016
|
[ 13:20 sunpoet ]
- Update to 1.6.0
- Do not silence installation message
- While I'm here:
- Move LIB_DEPENDS upwards
- Use = instead of += for CONFIGURE_ARGS and USES
- Convert to options helper
- Use TEST_TARGET
Changes: https://unbound.nlnetlabs.nl/pipermail/unbound-users/2016-December/004587.html
PR: 215322
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
Sun, 2 Oct 2016
|
[ 10:30 pawel ]
Update to version 1.5.10
In this release there is a fix for long downtime after connectivity
loss, which was a longstanding unsolved issue. Features for tcp, TCP
Fast Open and timeout pressure to close connections when the tcp
connections are getting full. Option to use ipv6 /64 for extra entropy.
Features
- Create a pkg-config file for libunbound in contrib.
- TCP Fast open patch from Sara Dickinson.
- Finegrained localzone control with define-tag, access-control-tag,
access-control-tag-action, access-control-tag-data, local-zone-tag, and
local-zone-override. And added types always_transparent, always_refuse,
always_nxdomain with that.
- If more than half of tcp connections are in use, a shorter timeout (Only the first 15 lines of the commit message are shown above )
|
Wed, 24 Aug 2016
|
[ 15:11 mat ]
Do not auto-enable unbound munin plugins when installing unbound.
PR: 211999
Submitted by: maintainer
Reported by: wollman
Sponsored by: Absolight
|
Sat, 18 Jun 2016
|
[ 21:53 rm ]
dns/unbound: update to 1.5.9
PR: 210257
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Tue, 15 Mar 2016
|
[ 06:19 ohauer ]
- Update unbound to version 1.5.8
- add OPTION for DNSTAP logging support
- rename OPTION s/MUNIN/MUNIN_PLUGIN/ so it is consistent with nsd
- use OPTIONS_SUB
- use ${opt}_target
- use @sample macro for unbound.conf
- sort pkg-plist
Features
- ip-transparent option for FreeBSD with IP_BINDANY socket option.
- insecure-lan-zones: yesno config option, patch from Dag-Erling Smorgrav.
- RR Type CSYNC support RFC 7477, in debug printout and config input.
- RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf, patch (Only the first 15 lines of the commit message are shown above )
|
Thu, 4 Feb 2016
|
[ 15:58 erwin ]
- Update unbound to 1.5.7
- Bump PORTREVISIOn on dependent ports
Some Upgrade Notes:
This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.
Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the (Only the first 15 lines of the commit message are shown above )
|
Sun, 11 Oct 2015
|
[ 12:58 sem ]
- Update to 1.5.5
|
Mon, 17 Aug 2015
|
[ 19:31 sem ]
- Update to 1.5.4
- Disable FILTER_AAAA option. The patch is obsolated.
PR: 202385
Submitted by: edwin
|
Sun, 3 May 2015
|
[ 14:21 bapt ]
Use @dir mechanisms to ensure etc/unbound belongs to the unbound user
|
Thu, 12 Mar 2015
|
[ 14:47 sem ]
- Update to 1.5.3
PR: 198538
Submitted by: garga
|
Thu, 19 Feb 2015
|
[ 17:55 sem ]
- Update to 1.5.2
|
Wed, 10 Dec 2014
|
[ 13:44 sem ]
- Do not remove /var/run/unbound for smooth upgrading.
PR: 195846
Submitted by: roberto
|
Tue, 9 Dec 2014
|
[ 17:11 sem ]
- Fix build with python
- Fix plist
PR: 195803
|
Fri, 5 Dec 2014
|
[ 18:52 sem ]
- Update to 1.5.0
- Removed FreeBSD 10 check for libevent, because of upstream fixes (as stated in
changelog)
- Converted files/patch-Makefile.in to sed patch, which is position independent
PR: 195674
Submitted by: lightside@gmx.com
|
Mon, 27 Oct 2014
|
[ 12:13 bapt ] (Only the first 10 of 83 ports in this commit are shown above. )
Cleanup plist
|
Wed, 27 Aug 2014
|
[ 06:32 koobs ]
dns/unbound: Fix packaging with PYTHON option enabled
- Fix packaging with PYTHON option enabled
While I'm here, pet portlint.
PR: 193057
Reported by: Jaret Bartsch <jaretbartsch at yahoo dot ca>
Reviewed by: antoine
Approved by: portmgr (blanket: packaging)
|
Fri, 22 Aug 2014
|
[ 09:06 amdmi3 ]
- Switch dns/unbound to USES=libtool, drop .la files
- Bump dependent ports as .so version has changed
- While here, add LICENSE_FILE to dns/getdns
Approved by: portmgr blanket
|
Tue, 4 Mar 2014
|
[ 15:51 zi ]
- Add STAGE support
- Fix build with custom LOCALBASE/PREFIX
- Add ability to specify flags to unbound-anchor via unbound_anchorflags in
rc.conf (useful for when /etc/resolv.conf only contains 127.0.0.1)
- Bump PORTREVISION
PR: ports/187239
Submitted by: zi@
Approved by: sem@ (maintainer)
|
Mon, 23 Sep 2013
|
[ 02:39 sem ]
- Update to 1.4.21
|
Tue, 26 Jun 2012
|
[ 17:44 zi ]
- Add Munin Support [1]
- Add LICENSE
- Fix ECDSA Support
- Convert to OptionsNG
- Pacify portlint(1)
- Stylistic changes
- Remove pkg-install/pkg-deinstall files
PR: ports/156015
Submitted by: Takefu <takefu@airport.fm> [1]
Approved by: sem@ (maintainer)
|
Fri, 27 Jan 2012
|
[ 09:40 sem ]
- Fix plist
Submitted by: dougb
|
Tue, 9 Nov 2010
|
[ 14:09 sem ]
- Update to 1.4.7
* It uses GOST by default and depends on port's openssl 1.0.0
(may be turned off by an option).
|
Thu, 17 Dec 2009
|
[ 12:45 sem ]
- Update to 1.4.1
- Use --disable-sha2 on 6.4 because of broken OpenSSL in base.
|
Tue, 16 Jun 2009
|
[ 13:35 sem ]
- Update to 1.3.0
|
Wed, 19 Nov 2008
|
[ 20:59 sem ]
- Update to 1.1.0
|
Wed, 21 May 2008
|
[ 17:12 sem ]
- Update to 1.0
|
Tue, 29 Apr 2008
|
[ 07:35 sem ]
- New port: dns/unbound
Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run as
a server, but are linked into an application) are easily possible.
Goals:
* A validating recursive DNS resolver.
* Code diversity in the DNS resolver monoculture.
* Drop-in replacement for BIND apart from config.
* DNSSEC support.
* Fully RFC compliant.
* High performance
o even with validation.
* Used as (Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 65 |