I am out of the office October 1st & 2nd and will respond to your message as quickly as possible once I return.
Amanda On Oct 1, 2018, at 11:27 AM, Amanda Constant via Unbound-users <[email protected]> wrote: > I am out of the office October 1st & 2nd and will respond to your message as > quickly as possible once I return. > > Amanda > > On Oct 1, 2018, at 6:30 AM, Wouter Wijngaards via Unbound-users > <[email protected]> wrote: > > Hi, > > Unbound 1.8.1rc1 pre-release is available: > https://nlnetlabs.nl/downloads/unbound/unbound-1.8.1rc1.tar.gz > sha256 e1f285320f6f826ffe50dea8ad405bebaa84d13bdfefc91add1676c272029a46 > pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.8.1rc1.tar.gz.asc > > This release of Unbound contains a number of bug fixes. A memory leak > in the TLS lookup code is fixed. Leaked requests in the requestlist are > fixed. Lookup failure due to qname minimisation and a lack of IPv6 with > connectivity issues is fixed. > > TLS upstream servers are signalled with SNI with the name that is > configured. This allows hosting servers by name on the destination. > > Also Unbound is fixed from calling disallowed routines, by using EVP > code, for FIPS OpenSSL. > > > Features: > - Perform TLS SNI indication of the host that is being contacted > for DNS over TLS service. It sets the configured tls auth name. > This is useful for hosts that apart from the DNS over TLS services > also provide other (web) services. > > Bug Fixes: > - More explicitly mention the type of ratelimit when applying > ip-ratelimit. > - Fix spelling error in header, from getdns commit by Andreas Gelmini. > - iana port update. > - Fixed unused return value warnings in contrib/fastrpz.patch for > asprintf. > - Fix to squelch respip warning in unit test, it is printed at > higher verbosity settings. > - Fix spelling errors. > - Fix initialisation in remote.c > - Fix seed for random backup code to use explicit zero when wiped. > - exit log routine is annotated as noreturn function. > - free memory leaks in config strlist and str2list insert functions. > - do not move unused argv variable after getopt. > - Remove unused if clause in testcode. > - in testcode, free async ids, initialise array, and check for null > pointer during test of the test. And use exit for return to note > irregular program stop. > - Free memory leak in config strlist append. > - make sure nsec3 comparison salt is initialized. > - unit test has clang analysis. > - remove unused variable assignment from iterator scrub routine. > - check for null in delegation point during iterator refetch > in forward zone. > - neater pointer cast in libunbound context quit routine. > - initialize statistics totals for printout. > - in authzone check that node exists before adding rrset. > - in unbound-anchor, use readwrite memory BIO. > - assertion in autotrust that packed rrset is formed correctly. > - Fix memory leak when message parse fails partway through copy. > - remove unused udpsize assignment in message encode. > - nicer bio free code in unbound-anchor. > - annotate exit functions with noreturn in unbound-control. > - Fix compile on Mac for unbound, provide explicit_bzero when libc > does not have it. > - Fix unbound for openssl in FIPS mode, it uses the digests with > the EVP call contexts. > - Fix that with harden-below-nxdomain and qname minisation enabled > some iterator states for nonresponsive domains can get into a > state where they waited for an empty list. > - Stop UDP to TCP failover after timeouts that causes the ping count > to be reset by the TCP time measurement (that exists for TLS), > because that causes the UDP part to not be measured as timeout. > - Fix #4156: Fix systemd service manager state change notification. > - Fix #4149: Add SSL cleanup for tcp timeout. > - Fix #4188: IPv6 forwarders without ipv6 result in SERVFAIL, fixes > qname minimisation with a forwarder when connectivity has issues > from rejecting responses. > > Best regards, Wouter > > > > > > ______________________________________________________________________ > This email has been scanned by the Symantec Email Security.cloud service. > For more information please visit http://www.symanteccloud.com > ______________________________________________________________________
