Unbound 1.16.0 released
yvoinov at gmail.com
Thu Jun 2 12:44:47 UTC 2022
02.06.2022 17:51, Wouter Wijngaards via Unbound-users пишет:
> Unbound 1.16.0 is available:
> sha256 6701534c938eb019626601191edc6d012fc534c09d2418d5b92827db0cbe48a5
> pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.16.0.tar.gz.asc
> This release has EDE support, for extended EDNS error reporting,
> it fixes unsupported ZONEMD algorithms to load, and has more bug fixes.
> The EDE errors can be turned on by `ede: yes`, it is default disabled.
> Validation errors and other errors are then reported. If you also want
> stale answers for expired responses to have an error code, the option
> `ede-serve-expired: yes` can be used.
> - Merge PR #604: Add basic support for EDE (RFC8914).
> Bug Fixes
> - Fix #412: cache invalidation issue with CNAME+A.
> - Fix that TCP interface does not use TLS when TLS is also configured.
> - Fix #624: Unable to stop Unbound in Windows console (does not
> respond to CTRL+C command).
> - Fix #618: enabling interface-automatic disables DNS-over-TLS.
> Adds the option to list interface-automatic-ports.
> - Remove debug info from #618 fix.
> - Fix #628: A rpz-passthru action is not ending RPZ zone processing.
> - Fix for #628: fix rpz-passthru for qname trigger by localzone type.
> - Fix that address not available is squelched from the logs for
> udp connect failures. It is visible on verbosity 4 and more.
> - Merge #631 from mollyim: Replace OpenSSL's ERR_PACK with
> - Fix to detect that no IPv6 support means that IPv6 addresses are
> useless for delegation point lookups.
> - update Makefile dependencies.
> - Fix check interface existence for support detection in remote lookup.
> - Fix #633: Document unix domain socket support for unbound-control.
> - Fix for #633: updated fix with new text.
> - Fix edns client subnet to add the option based on the option list,
> so that it is not state dependent, after the state fix of #605 for
> double EDNS options.
> - Fix for edns client subnet option add fix in removal code, from review.
> - Fix #630: Unify the RPZ log messages.
> - Merge #623 from rex4539: Fix typos.
> - Fix pythonmod for change in iter_dp_is_useless function prototype.
> - Fix compile warnings for printf ll format on mingw compile.
> - Merge PR #632 from scottrw93: Match cnames in ipset.
> - Various fixes for #632: variable initialisation, convert the qinfo
> to str once, accept trailing dot in the local-zone ipset option.
> - Fix #637: Integer Overflow in sldns_str2period function.
> - Fix for #637: fix integer overflow checks in sldns_str2period.
> - Fix configure for python to use sysutils, because distutils is
> deprecated. It uses sysutils when available, distutils otherwise.
> - Merge #644: Make `install-lib` make target install the pkg-config
> - Fix to ensure uniform handling of spaces and tabs when parsing RRs.
> - Fix to describe auth-zone and other configuration at the local-zone
> configuration option, to allow for more broadly view of the options.
> - Merge PR #648 from eaglegai: fix -q doesn't work when use with
> 'unbound-control stats_shm'.
> - Fix #651: [FR] Better logging for refused queries.
> - Fix spelling error in comment in sldns_str2wire_svcparam_key_lookup.
> - Fix zonemd check to allow unsupported algorithms to load.
> If there are only unsupported algorithms, or unsupported schemes,
> and no failed or successful other ZONEMD records, or malformed
> or bad ZONEMD records, the unsupported records allow the zone load.
> - Fix zonemd unsupported algo check.
> - Fix zonemd unsupported algo check reason to not copy to next record,
> and check for success for debug printout.
> - Fix zonemd unsupported algo check to print unsupported reason before
> zeroing it.
> - Fix zonemd unsupported algo check to set reason to NULL before the
> check routine, but after malformed checks, to get the correct NULL
> output when the digest matches.
> - Fix #670: SERVFAIL problems with unbound 1.15.0 running on
> OpenBSD 7.1.
> - Fix Python build in non-source directory; based on patch by
> Michael Tokarev.
> - Fix #673: DNS over TLS: error: SSL_handshake syscall: No route to
> - Merge #677: Allow using system certificates not only on Windows,
> from pemensik.
> - For #677: Added tls-system-cert to config parser and documentation.
> - Fix #417: prefetch and ECS causing cache corruption when used
> - Fix #678: [FR] modify behaviour of unbound-control rpz_enable zone,
> by updating unbound-control's documentation.
> - Fix typos in config_set_option for the 'num-threads' and
> 'ede-serve-expired' options.
> - Fix to silence test for ede error output to the console from the
> test setup script.
> - Fix ede test to not use default pidfile, and use local interface.
> - Fix some lint type warnings.
> - Fix #684: [FTBS] configure script error with libmnl on openSUSE 15.3
> (and possibly other distributions)
> Best regards, Wouter
More information about the Unbound-users