Hello community, here is the log from the commit of package unbound for openSUSE:Factory checked in at 2019-06-27 15:51:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/unbound (Old) and /work/SRC/openSUSE:Factory/.unbound.new.4615 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "unbound" Thu Jun 27 15:51:55 2019 rev:38 rq:710819 version:1.9.2 Changes: -------- --- /work/SRC/openSUSE:Factory/unbound/libunbound-devel-mini.changes 2019-03-20 13:17:47.797364378 +0100 +++ /work/SRC/openSUSE:Factory/.unbound.new.4615/libunbound-devel-mini.changes 2019-06-27 15:51:57.843800196 +0200 @@ -1,0 +2,90 @@ +Mon Jun 17 17:21:10 UTC 2019 - Michael Ströder <[email protected]> + +- update to 1.9.2 + +Features +- add type CAA to libpyunbound (accessing libunbound from python). +- Fix #17: Add python module example from Jan Janak, that is a + plugin for the Unbound DNS resolver to resolve DNS records in + multicast DNS [RFC 6762] via Avahi. The plugin communicates + with Avahi via DBus. The comment section at the beginning of + the file contains detailed documentation. +- travis build file. +- PR #16: XoT support, AXFR over TLS, turn it on with + master: <ip>#<authname> in unbound.conf. This uses TLS to + download the AXFR (or IXFR). + +Bug Fixes +- Fix for #4233: guard use of NDEBUG, so that it can be passed in + CFLAGS into configure. +- Add log message, at verbosity 4, that says the query is encrypted + with TLS, if that is enabled for the query. +- Fix #4239: set NOTIMPL when deny-any is enabled, for RFC8482. +- Fix #4240: Fix whitespace cleanup in example.conf. +- Fix that tls-session-ticket-keys: "" on its own in unbound.conf + disables the tls session ticker key calls into the OpenSSL API. +- Fix crash if tls-servic-pem not filled in when necessary. +- Fix auth-zone NSEC3 response for empty nonterminals with exact + match nsec3 records. +- Fix for out of bounds integers, thanks to OSTIF audit. It is in + allocation debug code. +- Fix for auth zone nsec3 ent fix for wildcard nodata. +- Move goto label in answer_from_cache to the end of the function + where it is more visible. +- Fix auth-zone NSEC3 response for wildcard nodata answers, + include the closest encloser in the answer. +- Fix spelling error in log output for event method. +- Fix to reinit event structure for accepted TCP (and TLS) sockets. +- Fix to use event_assign with libevent for thread-safety. +- verbose information about auth zone lookup process, also lookup + start, timeout and fail. +- Fix to wipe ssl ticket keys from memory with explicit_bzero, + if available. +- Fix that auth zone uses correct network type for sockets for + SOA serial probes. This fixes that probes fail because earlier + probe addresses are unreachable. +- Fix that auth zone fails over to next master for timeout in tcp. +- Squelch SSL read and write connection reset by peer and broken pipe + messages. Verbosity 2 and higher enables them. +- Update python documentation for init_standard(). +- Typos. +- Fix tls write event for read state change to re-call SSL_write and + not resume the TLS handshake. +- Better braces in if statement in TCP fastopen code. +- iana portlist updated. +- Scrub RRs from answer section when reusing NXDOMAIN message for + subdomain answers. +- For harden-below-nxdomain: do not consider a name to be non-exitent + when message contains a CNAME record. +- Fix wrong query name in local zone redirect answers with a CNAME, + the copy of the local alias is in unpacked form. +- contrib/fastrpz.patch updated for code changes, and with git diff. +- Fix #29: Solaris 11.3 and missing symbols be64toh, htobe64. +- Fix #30: AddressSanitizer finding in lookup3.c. This sets the + hash function to use a slower but better auditable code that does + not read beyond array boundaries. This makes code better security + checkable, and is better for security. It is fixed to be slower, + but not read outside of the array. +- Fix edns-subnet locks, in error cases the lock was not unlocked. +- Fix doxygen output error on readme markdown vignettes. +- Squelch log messages from tcp send about connection reset by peer. + They can be enabled with verbosity at higher values for diagnosing + network connectivity issues. +- Attempt to fix malformed tcp response. +- Fix #31: swig 4.0 and python module. +- Note that so-reuseport at extreme load is better turned off, + otherwise queries are not distributed evenly, on Linux 4.4.x. +- Fix that spoolbuf is not used to store tcp pipelined response + between mesh send and callback end. +- Fix double file close in tcp pipelined response code. +- Fix to define _OPENBSD_SOURCE to get reallocarray on NetBSD. +- Fix to guard _OPENBSD_SOURCE from redefinition. +- Fix that fixes the Fix that spoolbuf is not used to store tcp + pipelined response between mesh send and callback end, this fixes + error cases that did not use the correct spoolbuf. +- Fix that fixes the Fix that spoolbuf is not used to store tcp + pipelined response between mesh send and callback end, this fixes + error cases that did not use the correct spoolbuf. +- Fix another spoolbuf storage code point, in prefetch. + +------------------------------------------------------------------- unbound.changes: same change Old: ---- unbound-1.9.1.tar.gz New: ---- unbound-1.9.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libunbound-devel-mini.spec ++++++ --- /var/tmp/diff_new_pack.xI11n4/_old 2019-06-27 15:51:59.135802266 +0200 +++ /var/tmp/diff_new_pack.xI11n4/_new 2019-06-27 15:51:59.135802266 +0200 @@ -24,7 +24,7 @@ # Name: libunbound-devel-mini -Version: 1.9.1 +Version: 1.9.2 Release: 0 # # ++++++ unbound.spec ++++++ --- /var/tmp/diff_new_pack.xI11n4/_old 2019-06-27 15:51:59.159802304 +0200 +++ /var/tmp/diff_new_pack.xI11n4/_new 2019-06-27 15:51:59.163802311 +0200 @@ -37,7 +37,7 @@ %define piddir /run Name: unbound -Version: 1.9.1 +Version: 1.9.2 Release: 0 # # ++++++ unbound-1.9.1.tar.gz -> unbound-1.9.2.tar.gz ++++++ ++++ 4327 lines of diff (skipped)
