[Unbound-users] Release of unbound 1.3.1
wouter at NLnetLabs.nl
Thu Jul 9 09:42:58 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Unbound 1.3.1 is released. Tarball is here:
Short summary: contains bugfixes for bugs reported.
* unbound_munin_ in contrib uses ps to show total memory rss if sbrk
hack does not work.
* Added build-unbound-localzone-from-hosts.pl to contrib, from Dennis
DeDonatis. It converts /etc/hosts into config statements.
* Fixup potential wrong NSEC picked out of the cache.
* If unfulfilled callbacks are deleted they are called with an error.
* fwd above stub in configuration works.
* [bugzilla: 254 ] removed random whitespace from example.conf.
* Fixed bug where cached responses would lose their security status on
second validation, which especially impacted dlv lookups. Reported by
* Fixup opportunistic target query generation to it does not generate
queries that are known to fail.
* harden-referral-path: handle cases where NS is in answer section.
* updated fedora specfile in contrib from Paul Wouters.
* Fix EDNS fallback when EDNS works for short answers but long answers
* On Linux, fragment IPv6 datagrams to the IPv6 minimum MTU, to avoid
dropped packets at routers.
* Fix of message parse bug where (specifically) an NSEC and RRSIG in the
wrong order would be parsed, but put wrongly into internal structures so
that later validation would fail.
* Queries for type DS when forward or stub zones are there. They are
performed to higherup domains, and thus treated as if going to higher
zones when looking up the right forward or stub server. This makes a
stub pointing to a local server that has a local view of example.com
signed with the same keys as are publicly used work. Reported by Johan
* same thing fixed for forward-zone and DS, chain of trust from public
internet into the forward-zone works now.
* flush_type and flush_name remove message cache entries as well, so
they remove errors from the cache as well
* delegationpoint bogus flag copied fix
* [bugzilla: 251 ] openssl key files are opened 'apache-style', from
user root and before the chroot. This makes permissions on
remote-control key files easier.
* fail to configure with python if swig is not found.
* Fix of empty -L during linking
* updated ldns tarball to latest
* updated iana portlist
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Unbound-users