Hello community,
here is the log from the commit of package pdns-recursor for openSUSE:Factory
checked in at 2015-02-20 12:01:40
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pdns-recursor (Old)
and /work/SRC/openSUSE:Factory/.pdns-recursor.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pdns-recursor"
Changes:
--------
--- /work/SRC/openSUSE:Factory/pdns-recursor/pdns-recursor.changes
2014-12-16 14:50:09.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.pdns-recursor.new/pdns-recursor.changes
2015-02-20 12:01:42.000000000 +0100
@@ -1,0 +2,133 @@
+Thu Feb 12 15:05:49 UTC 2015 - mrueck...@suse.de
+
+- update to 3.7.1
+ This version contains a mix of speedups and improvements, the combined effect
+ of which is vastly improved resilience against traffic spikes and malicious
+ query overloads.
+ Minor changes:
+ - Removal of dead code here and there
+ 04dc6d618734fc630122de4c56dff641ebaf0988
+ - Per-qtype response counters are now 64 bit
+ 297bb6acf7902068693a4aae1443c424d0e8dd52 on 64 bit systems
+ - Add IPv6 addresses for b and c.root-servers.net hints
+ efc2595423c9a1be6f2d8f4da25445198ceb8b57
+ - Add IP address to logging about terminated queries
+ 37aa9904d1cc967ba4b5d5e17dbe41485f8cdece
+ - Improve qtype name logging
+ fab3ed3453e15ae88e29a0e4071b214eb19caad9 (Aki Tuomi)
+ - Redefine 'BAD_NETS' for dont-query based on newer IANA guidance
+ 12cd44ee0fcde5893f85dccc499bfc35152c5fff (lochiiconnectivity)
+ - Add documentation links to systemd unit
+ eb154adfdffa5c78624e2ea98e938d7b5787119e (Ruben Kerkhof)
+ Improvements:
+ - Upgrade embedded PolarSSL to 1.3.9:
+ d330a2ea1a93d7675ef680311f8aa0306aeefcf1
+ - yahttp upgrade c290975778942ed1082ca66918695a5bd2d6bac4
+ c65a57e888ee48eaa948e590c90c51420bffa847 (Aki Tuomi)
+ - Replace . in hostnames by - for Carbon so as not to confuse
+ Metronome 46541751ed1c3bc051d78217543d5fc76733e212
+ - Manpages got a lot of love and are now built from Markdown
+ (Pieter Lexis)
+ - Move to PolarSSL base64
+ 488360551009784ab35c43ee4580e773a2a8a227 (Kees Monshouwer)
+ - The quiet=no query logging is now more informative
+ 461df9d20c560d240285f772c09b3beb89d46daa
+ - We can finally bind to 0.0.0.0 and :: and guarantee answers
+ from the correct source
+ b71b60ee73ef3c86f80a2179981eda2e61c4363f
+ - We use per-packet timestamps to drop ancient traffic in case of
+ overload b71b60ee73ef3c86f80a2179981eda2e61c4363f, non-Linux
+ portability in d63f0d83631c41eff203d30b0b7c475a88f1db59
+ - Builtin webserver can be queried with the API key in the URL
+ again c89f8cd022c4a9409b95d22ffa3b03e4e98dc400
+ - Ringbuffers are now available via API
+ c89f8cd022c4a9409b95d22ffa3b03e4e98dc400
+ - Lua 5.3 compatibility 59c6fc3e3931ca87d484337daee512e716bc4cf4
+ (Kees Monshouwer)
+ - No longer leave a stale UNIX domain socket around from
+ rec_control if the recursor was down
+ 524e4f4d81f4ed9eb218715cbc8a59f0b9868234, ticket #2061
+ - Running with 'quiet=no' would strangely actually prevent debug
+ messages from being logged
+ f48d7b657ec32517f8bfcada3bfe6353ca313314
+ - Webserver now implements CORS for the API
+ ea89a97e864c43c1cb03f2959ad04c4ebe7580ad, fixing ticket #1984
+ - Houskeeping thread would sometimes run multiple times
+ simultaneously, which worked, but was odd
+ cc59bce675e62e2b9657b42614ce8be3312cae82
+ New features:
+ - New `root-nx-trust` flag makes PowerDNS generalize NXDOMAIN
+ responses from the root-servers
+ 01402d56846a3a61811ebd4e6bc97e53f908e568
+ - `getregisteredname()` for Lua, which turns 'www.bbc.co.uk' into
+ 'bbc.co.uk' 8cd4851beb78bc6ab320926fb5cb6a09282016b1
+ - Lua preoutquery filter 3457a2a0ec41d3b3aff7640f30008788e1228a6e
+ - Lua IP-based filter (ipfilter) before parsing packets
+ 4ea949413c495254acb0bd19335142761c1efc0c
+ - `iputils` class for Lua, to quickly process IP addresses and
+ netmasks in their native format
+ - `getregisteredname` function for Lua, to find the registered
+ domain for a given name
+ - Various new ringbuffers: top-servfail-remotes,
+ top-largeanswer-remotes, top-servfail-queries
+ Speedups:
+ - Remove unneeded malloc traffic
+ 93d4a89096e64d53740790f58fadec56f6a0af14
+ 8682c32bc45b6ffa7c0f6da778e1b223ae7f03ce
+ a903b39cfe7364c56324038264d3db50b8cece87
+ - Our nameserver-loop detection carried around a lot of baggage
+ for complex domain names, plus did not differentiate IPv4 and
+ IPv6 well enough 891fbf888ccac074e3edc38864641ca774f2f03c
+ - Prioritize new queries over nameserver responses, improving
+ latency under query bursts
+ bf3b0cec366c090af000b066267b6f6bbb3a512a
+ - Remove escaping in case there was nothing to escape
+ 83b746fd1d94c8742d8bd87a44beb44c154230c7
+ - Our logging infrastructure had a lot of locking
+ d1449e4d073595e1e1581804f121fc90e37158bf
+ - Reduce logging level of certain common messages, which locked
+ up synchronously logging systems
+ 854d44e31c76aa650520e6d462dd3a02b5936f7a
+ - Add limit on total wall-clock time spent on a query
+ 9de3e0340fa066d4c59449e1643a1de8c343f8f2
+ - Packet cache is now case-insensitive, which increases hitrate
+ 90974597aadaf1096e3fd0dc450be7422ea591a5
+ Security relevant:
+ - Check for PIE, RELRO and stack protector during configure
+ 8d0354b189c12e1e14f5309d3b49935c17f9eeb0 (Aki Tuomi)
+ - Testing for support of PIE etc was improved in
+ b2053c28ccb9609e2ce7bcb6beda83f98a062aa3 and beyond, fixes
+ #2125 (Ruben Kerkhof)
+ - Max query-per-query limit (max-qperq) is now configurable
+ 173d790ead08f67733010ca4c6fc404a040fe699
+ Bugs fixed:
+ - IPv6 outgoing queries had a disproportionate effect on our
+ query load. Fixed in 76f190f2a0877cd79ede2994124c1a58dc69ae49
+ and beyond.
+ - rec_control gave incorrect output on a timeout
+ 12997e9d800734da51b808767e1e2477244c30eb
+ - When using the webserver AND having an error in the Lua script,
+ recursor could crash during startup
+ 62f0ae62984adadab687c23fe1b287c1f219b2cb
+ - Hugely long version strings would trip up security polling
+ 18b7333828a1275ae5f5574a9c8330290d8557ff (Kees Monshouwer)
+ - The 'remotes' ringbuffer was sized incorrectly
+ f8f243b01215d6adcb59389f09ef494f1309041f
+ - Cache sizes had an off-by-one scaling problem, with the wrong
+ number of entries allocated per thread
+ f8f243b01215d6adcb59389f09ef494f1309041f
+ - Our automatic file descriptor limit raising was attempted
+ *after* setuid, which made it a lot less effective. Found and
+ fixed by Aki Tuomi a6414fdce9b0ec32c340d1f2eea2254f3fedc1c1
+ - Timestamps used for dropping packets were occasionaly wrong
+ 183eb8774e4bc2569f06d5894fec65740f4b70b6 and
+ 4c4765c104bacc146533217bcc843efb244a8086 (RC2) with thanks to
+ Winfried for debugging.
+ - In RC1, our new DoS protection measures would crash the
+ Recursor if too many root servers were unreachable.
+ 6a6fb05ad81c519b4002ed1db00f3ed9b7bce6b4. Debugging and testing
+ by Fusl.
+- remove pdns-rec-lua52.patch:
+ no longer needed
+
+-------------------------------------------------------------------
Old:
----
pdns-rec-lua52.patch
pdns-recursor-3.6.2.tar.bz2
New:
----
pdns-recursor-3.7.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pdns-recursor.spec ++++++
--- /var/tmp/diff_new_pack.LrhWsi/_old 2015-02-20 12:01:43.000000000 +0100
+++ /var/tmp/diff_new_pack.LrhWsi/_new 2015-02-20 12:01:43.000000000 +0100
@@ -24,7 +24,7 @@
Name: pdns-recursor
-Version: 3.6.2
+Version: 3.7.1
Release: 1
%define pkg_version %{version}
#
@@ -69,7 +69,6 @@
Source2: recursor.conf
Source3: pdns-recursor.service
Source4: pdns-recursor.tmpfiles.d
-Patch: pdns-rec-lua52.patch
#
Summary: Modern, advanced and high performance recursing/non
authoritative nameserver
%description
@@ -83,10 +82,10 @@
%prep
%setup -n %{name}-%{pkg_version}
-%patch
%build
-make %{makeflags}
+./configure
+make %{makeflags} all
%install
make install DESTDIR="%{buildroot}" %{makeflags}
++++++ pdns-recursor-3.6.2.tar.bz2 -> pdns-recursor-3.7.1.tar.bz2 ++++++
++++ 27095 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
