Hi, Unbound 1.7.3rc1 pre-release is available. https://www.nlnetlabs.nl/downloads/unbound/unbound-1.7.3rc1.tar.gz sha256 78913d28ff7dfa5fe8a69f235956bfdcb4cc4bdaeb45f03ed6eba5ebddfad5d0 pgp https://www.nlnetlabs.nl/downloads/unbound/unbound-1.7.3rc1.tar.gz.asc
This release fixes a bug in qname minimisation, from 1.7.1, that double counts CNAMEs and this causes resolution failures because the maximum CNAME count is hit. This caught attention because since 1.7.2 qname minimisation is enabled by default. Features - #4102 for NSD, but for Unbound. Named unix pipes do not use certificate and key files, access can be restricted with file and directory permissions. The option control-use-cert is no longer used, and ignored if found in unbound.conf. - Rename tls-additional-ports to tls-additional-port, because every line adds one port. Bug Fixes - Don't count CNAME response types received during qname minimisation as query restart. - #4100: Fix stub reprime when it becomes useless. - Fix crash if ratelimit taken into use with unbound-control instead of with unbound.conf. - Patch to fix openwrt for mac os build darwin detection in configure. - #4103: Fix that auth-zone does not insist on SOA record first in file for url downloads. - Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. Best regards, Wouter
signature.asc
Description: OpenPGP digital signature
