Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

unbound-libs-1.16.2-5.el8_9.6 RPM for i686

From AlmaLinux 8.10 AppStream for x86_64

Name: unbound-libs Distribution: AlmaLinux
Version: 1.16.2 Vendor: AlmaLinux
Release: 5.el8_9.6 Build date: Fri Apr 12 15:13:02 2024
Group: Unspecified Build host: x64-builder02.almalinux.org
Size: 1763782 Source RPM: unbound-1.16.2-5.el8_9.6.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://www.unbound.net/
Summary: Libraries used by the unbound server and client applications
Contains libraries used by the unbound server and client applications

Provides

Requires

License

BSD

Changelog

* Wed Apr 03 2024 Petr Menšík <pemensik@redhat.com> - 1.16.2-5.6
  - Rebuilt again with z-stream target
* Wed Apr 03 2024 Petr Menšík <pemensik@redhat.com> - 1.16.2-5.5
  - Correct typo in new config file
* Mon Mar 11 2024 Petr Menšík <pemensik@redhat.com> - 1.16.2-5.4
  - Ensure group access correction reaches also updated configs (CVE-2024-1488)
* Wed Feb 28 2024 Petr Menšík <pemensik@redhat.com> - 1.16.2-5.3
  - Ensure only unbound group can change configuration (CVE-2024-1488)
* Mon Feb 19 2024 Tomas Korbar <tkorbar@redhat.com> - 1.16.2-5.2
  - Fix wrong entry in changelog
  - Resolves: RHEL-25634
* Fri Feb 16 2024 Tomas Korbar <tkorbar@redhat.com> - 1.16.2-5.1
  - Fix KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387
  - Fix Preparing an NSEC3 closest encloser proof can exhaust CPU resources CVE-2023-50868
  - Resolves: RHEL-25660
  - Resolves: RHEL-25634
* Sat Oct 15 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-5
  - Stop creating wrong devel manual pages (#2135322)
* Sat Oct 15 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-4
  - Apply correctly previous change (CVE-2022-3204)
* Tue Oct 11 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-3
  - Fix NRDelegation attack leading to uncontrolled resource consumption
    (CVE-2022-3204)
* Tue Aug 09 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-2
  - Require openssl tool for unbound-keygen (#2018806)
* Wed Aug 03 2022 Petr Menšík <pemensik@redhat.com> - 1.16.2-1
  - Update to 1.16.2 (#2027735)
* Wed Jun 15 2022 Petr Menšík <pemensik@redhat.com> - 1.16.0-2
  - Restart keygen service before every unbound start (#1959468)
* Wed Jun 15 2022 Petr Menšík <pemensik@redhat.com> - 1.16.0-1
  - Upgrade to 9.16.0 (#2027735)
  - Update to recent version with compatibility with RHEL8 (#2027735)
  - Ensure also source level compatibility with previous version
* Thu May 19 2022 Richard Lescak <rlescak@gmail.com> - 1.7.3-18
  - Change file mode before owner when configuring remote control unix socket to avoid AVC denials
  - Resolves: rhbz#2038251
* Mon Apr 26 2021 Artem Egorenkov <aegorenk@redhat.com> - 1.7.3-17
  - Option --enable-linux-ip-local-port-range added to use system configured port range for libunbound on Linux
  - Resolves: rhbz#1830625
* Tue Apr 06 2021 Artem Egorenkov <aegorenk@redhat.com> - 1.7.3-16
  - Don't start unbound-anchor before unbound service if DISABLE_UNBOUND_ANCHOR
    environment variable equals to "yes"
  - Resolves: rhbz#1922448
* Tue Sep 01 2020 Anna Khaitovich <akhaitov@redhat.com> - 1.7.3-15
  - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key
  - Resolves: rhbz#1714175
  - Use system-wide crypto policy setting (PROFILE=SYSTEM) instead of custom setting
  - Resolves: rhbz#1842837
  - Enable additional logging in unbound
  - Resolves: rhbz#1850460
  - security hardening from x41 report
  - Resolves: rhbz#1859933
  - symbolic link traversal when writing PID file
  - Resolves: rhbz#1899058
* Thu May 28 2020 Anna Khaitovich <akhaitov@redhat.com> - 1.7.3-14
  - Fix unbound-1.7.3-amplifying-an-incoming-query.patch patch
  - Resolves: rhbz#1839178 (CVE-2020-12662)
* Mon May 25 2020 Anna Khaitovich <akhaitov@redhat.com> - 1.7.3-13
  - Fix two previous patches and add missing patch lines to %prep
  - Fix amplifying an incoming query into a large number of queries directed to a target
  - Resolves: rhbz#1839178 (CVE-2020-12662)
* Tue Apr 21 2020 Anna Khaitovich <akhaitov@redhat.com> - 1.7.3-12
  - Remove KSK-2010 from configuration files
  - Resolves: rhbz#1665502
  - Replace legacy directory /var/run/ with /run
  - Resolves: rhbz#1766463
  - Resolves: rhbz#1805978
  - Fix memory leak when DNS over TLS forwarding is configured
  - Resolves: rhbz#1819870
* Thu Apr 16 2020 Artem Egorenkov <aegorenk@redhat.com> - 1.7.3-11
  - Resolves bz1818761. unbound crash fixed.
* Tue Dec 10 2019 Tomas Korbar <tkorbar@redhat.com> - 1.7.3-10
  - Secure ipsec mode (#1772061)
  - CVE-2019-18934
* Tue Dec 10 2019 Tomas Korbar <tkorbar@redhat.com> - 1.7.3-9
  - Use pthread_mutex_t locks when dealing with I/O operations (#1775708)
* Tue Jul 31 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-8
  - Release memory in unbound-host
* Mon Jul 23 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-7
  - Remove unused Group tag
* Wed Jul 18 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-6
  - Cleanup generated client and server keys (#1601773)
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3-5
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 09 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-4
  - Do not call ldconfig if possible
* Wed Jul 04 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-3
  - Update trust anchors also behind firewall (#1598078)
* Mon Jul 02 2018 Miro Hrončok <mhroncok@redhat.com> - 1.7.3-2
  - Rebuilt for Python 3.7
* Wed Jun 27 2018 Petr Menšík <pemensik@redhat.com> - 1.7.3-1
  - Update to 1.7.3 (#1593708)
* Wed Jun 27 2018 Petr Menšík <pemensik@redhat.com> - 1.7.2-3
  - Remove last python2 dependency from python3 build
* Mon Jun 25 2018 Tomas Hozza <thozza@redhat.com> - 1.7.0-6
  - Disable Python2 support
* Mon Apr 09 2018 Petr Menšík <pemensik@redhat.com> - 1.7.0-5
  - Require gcc and make on build
  - Remove group, simplify systemd requires
  - Simplify building with single python version, make python3 primary
* Mon Apr 09 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-4
  - Patch for prefetching after flushing cache
* Fri Apr 06 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-3
  - Patch for referral with auth-zone: response
* Wed Mar 21 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-2
  - Patch for broken Aggressive NSEC + stub-zone configuration causing NXDOMAIN at TTL expiry
* Thu Mar 15 2018 Paul Wouters <pwouters@redhat.com> - 1.7.0-1
  - Updated to 1.7.0 (aggressive nsec, local root support, bugfixes)
* Thu Feb 22 2018 Petr Menšík <pemensik@redhat.com> - 1.6.8-6
  - Uncomment again original max-upd-size
* Wed Feb 21 2018 Petr Menšík <pemensik@redhat.com> - 1.6.8-5
  - Use default RPM build flags and configure parameters (#1539097)
* Wed Feb 21 2018 Petr Menšík <pemensik@redhat.com> - 1.6.8-4
  - Remove group writable bit from some config files (#1528445)
* Wed Feb 14 2018 Filipe Rosset <rosset.filipe@gmail.com> - 1.6.8-3
  - rebuilt due new libevent 2.1.8
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.6.8-2
  - Escape macros in %changelog
* Mon Jan 22 2018 Paul Wouters <pwouters@redhat.com> - 1.6.8-1
  - Resolves rhbz#1483572 unbound-1.6.8 is available
  - Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records
  - Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all]
* Sun Dec 17 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.6.7-2
  - Python 2 binary package renamed to python2-unbound
    See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
* Thu Oct 12 2017 Paul Wouters <pwouters@redhat.com> - 1.6.7-1
  - Updated to 1.6.7 (minor bugfixes)
* Tue Oct 03 2017 Petr Menšík <pemensik@redhat.com> - 1.6.6-3
  - Update icannbundle.pem
* Mon Oct 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-2
  - Enable RFC 8145 Trust Anchor Signaling to help the root zone get keytag statistics
* Fri Sep 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.6-1
  - Resolves: rhbz#1483572 unbound-1.6.6 is available
  - Resolves: rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook (edit)
* Wed Aug 16 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-4
  - Rebuilt with KSK2017 added to root.key and root.anchor
  - Remove noreplace for root key files. We can only improve these files over local copies
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.4-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.4-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sun Jul 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-1
  - Updated to 1.6.4 full release, patch to allow missing ipsechook
  - Resolves rhbz#1465575 unbound fails to start up, complains about missing ipsecmod-hook
* Thu Jun 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.4-0.rc2
  - Update to 1.6.4 (esubnet, ipsecmod support, bugfixes)
* Tue Jun 13 2017 Paul Wouters <pwouters@redhat.com> - 1.6.3-1
  - Updated to 1.6.3 (fixes assertion failure when receiving malformed packet with 0x20 enabled)
* Thu Jun 08 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-2
  - Patch for cmd: unbound-control set_option val-permissive-mode: yes
* Wed Apr 26 2017 Paul Wouters <pwouters@redhat.com> - 1.6.2-1
  - Update to 1.6.2 (rhbz#1425649)
  - Updated unbound.conf with new options
* Wed Mar 22 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-6
  - Call make unbound-event-install to install unbound-event.h
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.0-5
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Jan 18 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-4
  - Remove obsoleted DLV key
* Mon Jan 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-3
  - Actually remove dependency because minimum is always satisfied
* Mon Jan 02 2017 Paul Wouters <pwouters@redhat.com> - 1.6.0-2
  - Depend on openssl-libs, not opensl
* Wed Dec 21 2016 Kevin Fenzi <kevin@scrye.com> - 1.6.0-1
  - Update to 1.6.0
* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 1.5.10-3
  - Rebuild for Python 3.6
* Wed Oct 26 2016 Ilya Evseev <evseev.i@cdnnow.ru> - 1.5.10-2
  - Bugfix building without python2 and python3
  - Fixup streamtcp build (Paul)
* Tue Sep 27 2016 Paul Wouters <pwouters@redhat.com> - 1.5.10-1
  - Updated to 1.5.10 (better TCP handling, bugfixes)
  - Install pkgconfig file in -devel package
  - Updated unbound.conf
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.9-4
  - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Thu Jul 07 2016 Paul Wouters <pwouters@redhat.com> - 1.5.9-3
  - Fix upper port range to 60999 because that's what selinux allows
* Thu Jun 16 2016 Paul Wouters <pwouters@redhat.com> - 1.5.9-2
  - Patch for allowing more queries before failure (needed for query minimalization)
* Mon Jun 13 2016 Paul Wouters <pwouters@redhat.com> - 1.5.9-1
  - Updated to 1.5.9
* Thu Apr 21 2016 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5.8-2
  - Fix streamtcp to link against libpython3.x instead of libpython2.x
* Wed Mar 02 2016 Paul Wouters <pwouters@redhat.com> - 1.5.8-1
  - Update to 1.5.8 (rhbz#1313831) which incorporates rhbz#1294339 patch
  - Updated unbound.conf with new upstream options
  - Enabled ip-transparent: yes (see rhbz#1291449)
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.7-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Jan 21 2016 Tomas Hozza <thozza@redhat.com> - 1.5.7-2
  - Fix escaping of shell chars in unbound-control-setup (#1294339)
* Fri Dec 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.7-1
  - Update to 1.5.7
  - Enable query minimalization for enhanced DNS query privacy
  - Enable nxdomain hardening to assist with query minimalization and SBLs
  - Updated default unbound.conf for new features from upstream.
* Fri Nov 13 2015 Tomas Hozza <thozza@redhat.com> - 1.5.6-1
  - Update to 1.5.6 (#1176729)
* Wed Nov 04 2015 Robert Kuska <rkuska@redhat.com> - 1.5.5-2
  - Rebuilt for Python3.5 rebuild
* Wed Oct 07 2015 Tomas Hozza <thozza@redhat.com> - 1.5.5-1
  - New upstream release 1.5.5 (#1269137)
  - Removed the anchor update from %post section of -libs subpackage (#1269137#c2)
* Tue Sep 15 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-5
  - Removed dependency and ordering on unbound-anchor.service in unbound.service
* Thu Sep 03 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-4
  - Prefer Python3 build over Python2 build for now (#1254566)
* Mon Jul 20 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-3
  - Added ExecReload section to unbound.service (#1195785)
  - Removed After syslog.target since it is not needed any more
* Thu Jul 16 2015 Tomas Hozza <thozza@redhat.com> - 1.5.4-2
  - Start unbound-anchor.timer only on new installations
  - Rename root.anchor to root.key in %post section
* Tue Jul 14 2015 Paul Wouters <pwouters@redhat.com> - 1.5.4-1
  - Update to 1.5.4
  - Removed patches merged into upstream
* Tue Jun 16 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-8
  - Revert: Use low maximum negative cache TTL (5 sec) (#1229596)
* Mon Jun 15 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-7
  - Add option for maximum negative cache TTL (#1229599)
  - Use low maximum negative cache TTL (5 sec) (#1229596)
* Tue May 26 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-6
  - Removed usage of DLV from the default configuration (#1223363)
* Wed May 13 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-5
  - unbound.service now Wants unbound-anchor.timer
  - unbound-anchor man page moved to the unbound-libs
* Mon May 11 2015 Paul Wouters <pwouters@redhat.com> - 1.5.3-4
  - Fixup scriptlets causing systemctl: command not found
  - Resolves rhbz#1219587 Error in PREIN scriptlet in rpm package unbound-libs
* Mon Apr 27 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-3
  - migrate cronjob to systemd timer unit (#1177285)
  - change the period for unbound-anchor from monthly to daily (#1180267)
  - Thanks to Tomasz Torcz <ttorcz@fedoraproject.org> for the initial patch
* Thu Apr 16 2015 Tomas Hozza <thozza@redhat.com> - 1.5.3-2
  - Fix FTBFS (#1206129)
  - Build python3-unbound and python-unbound bindings for Python 3 and 2 (#1188080)
* Mon Mar 16 2015 Paul Wouters <pwouters@redhat.com> - 1.5.3-1
  - Updated to 1.5.3 which is a bugfix on 1.5.2 for sighup handling
  - Updated to 1.5.2 which fixes DNSSEC validation with different
    trust anchors upstream, local-zone has a new keyword 'inform'
* Mon Feb 02 2015 Paul Wouters <pwouters@redhat.com> - 1.5.1-4
  - Build with --enable-ecdsa
* Sun Feb 01 2015 Paul Wouters <pwouters@redhat.com> - 1.5.1-3
  - Fix post to create root.anchor, not root.key, to match cron job
* Tue Dec 09 2014 Paul Wouters <pwouters@redhat.com> - 1.5.1-2
  - Change systemd-units to systemd
  - Use _tmpfilesdir macro, don't mark tmpfiles as config
* Tue Dec 09 2014 Paul Wouters <pwouters@redhat.com> - 1.5.1-1
  - Update to 1.5.1 for CVE-2014-8602 (rhbz#1172066)
  - Removed unbound-aarch64.patch which was merged upstream
  - Don't require autotools for non snapshots or run autoreconf
* Fri Nov 28 2014 Tomas Hozza <thozza@redhat.com> - 1.5.1-0.1.rc1
  - update to 1.5.1rc1
* Fri Nov 28 2014 Marcin Juszkiewicz <mjuszkiewicz@redhat.com> - 1.5.0-3
  - fix build on aarch64
* Wed Nov 26 2014 Tomas Hozza <thozza@redhat.com> - 1.5.0-2
  - Fix race condition in arc4random (#1166878)
* Wed Nov 19 2014 Tomas Hozza <thozza@redhat.com> - 1.5.0-1
  - update to 1.5.0
* Wed Sep 24 2014 Pavel Šimerda <psimerda@redhat.com> - 1.4.22-6
  - Resolves: #1115489 - build with python 3.x for fedora >= 22
* Thu Aug 21 2014 Kevin Fenzi <kevin@scrye.com> - 1.4.22-5
  - Rebuild for rpm bug 1131960
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.22-4
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.22-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 01 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-2
  - Added flushcache patch (SVN commit 3125)
* Thu Mar 13 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-1
  - Updated to 1.4.22
  - No longer requires the ldns library
* Thu Jan 16 2014 Tomas Hozza <thozza@redhat.com> - 1.4.21-3
  - Fix segfault on adding insecure forward zone when using only iterator (#1054192)
* Mon Oct 21 2013 Tomas Hozza <thozza@redhat.com> - 1.4.21-2
  - run test suite during the build
* Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1
  - Updated to 1.4.21, 
  - Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
  - Removed patched merged in by upstream
  - Enable statistics-cumulative for munin-plugin
  - Added outgoing-port-avoid: 0-32767 conformant to SElinux restrictions
  - Updated unbound.conf
* Mon Aug 26 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-19
  - Fix errors found by static analysis of source
* Mon Aug 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-18
  - Change unbound.conf to only use ephemeral ports (32768-65535)
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.20-17
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jul 22 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-16
  - provide man page for unbound-streamtcp
* Mon Jul 08 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-15
  - Re-introduce hardening flags for full relro and pie
  - Fixes compilation failure for python module
* Wed Jul 03 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-14
  - remove missing unbound-rootkey.service from post/preun/postun sections
  - don't hardcode hardening flags, let hardened build macro handles it
* Sat Jun 01 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-13
  - Run unbound-anchor as user unbound in unbound.service
* Tue May 28 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-12
  - Enable round-robin (with noths() patch)
  - Change cron and systemd service to use root.key, not root.anchor
* Sat May 25 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-10
  - Use /var/lib/unbound/root.key (more consistent with other distros)
  - Enable minimal responses
* Mon Apr 22 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-8
  - Refix
* Fri Apr 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-7
  - Fix runuser call in post.
* Tue Apr 16 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-6
  - /var/lib/unbound should be owned by unbound. group write is not enough
* Fri Apr 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-5
  - Fix cron job syntax (rhbz#951725)
  - Use install -p to prevent .rpmnew files that are identical to originals
* Mon Apr 08 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-4
  - Updated to 1.4.20
  - Build with full RELRO (not use -z,relro but with -z,relo,-z,now)
  - Fixup man page for unbound-control-setup
  - unbound.service should start before nss-lookup.target (rhbz#919955)
  - Removed patch for rhbz#888759 merged in upstream
  - Move root.anchor to /var/lib/unbound to make selinux policy easier for updating (rhbz#896599/rhbz#891008)
  - Move cronjob for root.anchor from unbound to unbound-libs, require crontabs
  - /etc/unbound (and all) should be owned by unbound-libs (rhbz#909691)
  - Remove Obsolete/Provides for dnssec-conf which was last seen in f13
  - Ensure any unbound-anchor failure in post is ignored
* Tue Mar 05 2013 Adam Tkac <atkac redhat com> - 1.4.19-5
  - build with full RELRO
  - symlink unbound-control-setup.8 manpage to unbound-control.8
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.19-4
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Dec 12 2012 Paul Wouters <pwouters@redhat.com> - 1.4.19-3
  - Updated to 1.4.19 - this integrates all existing patches
  - Patch for unbound-anchor (rhbz#888759)
* Fri Nov 09 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-6
  - Patch to ensure stube-zone's aren't lost when using dnssec-triggerd
  - added unbound-munin.README file
* Wed Sep 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-5
  - Patch to allow wildcards in include: statements
  - Add directories /etc/unbound/keys.d,conf.d,local.d with
    example entries
  - Added /etc/unbound/root.anchor, maintained by unbound-anchor
    which is installed as monthly cron and PreExec in systemd config
    (root.key is unused, but left installed in case people depend on it)
  - Native systemd (simple) and /etc/sysconfig/unbound support
  - Run unbound-checkconf in PreExec
  - Moved trust anchor related files to unbound-libs, as they can
    be used without the daemon.
  - sub packages now depends on base package of same arch
  - Build munin package as noarch
  - unbound-anchor moved to unbound-libs package. It is needed
    to update the root.anchor key file.
* Tue Sep 04 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-3
  - Fix openssl thread locking bug under high query load
* Thu Aug 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-2
  - Use new systemd-rpm macros (rhbz#850351)
  - Clean up old obsoleted dnssec-conf from < fedora 15
* Fri Aug 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-1
  - Updated to 1.4.18 (FIPS related fixes mostly)
  - Removed patches that were merged in upstream
  - Added comment to root.key
* Mon Jul 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-5
  - Fix for unbound crasher (upstream bug #452)
  - Support libunbound functions in man pages and place in -devel
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.17-4
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jul 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-3
  - unbound FIPS patches for MD5,randomness (rhbz#835106)
* Fri Jun 15 2012 Adam Tkac <atkac redhat com> - 1.4.17-2
  - don't build unbound-munin on RHEL
* Thu May 24 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-1
  - Updated to 1.4.17 (which mostly brings in patches we already
    applied from svn trunk)
* Wed Feb 29 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-3 
  - Since the daemon links to the libs staticly, add Requires:
    (this is rhbz#745288)
  - Package up streamtcp as unbound-streamtcp (for monitoring)
* Mon Feb 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-2
  - Don't ghost the directory (rhbz#788805)
  - Patch for unbound to support unbound-control forward_zone
    (needed for openswan in XAUTH mode)
* Thu Feb 02 2012 Paul Wouters <paul@nohats.ca> - 1.4.16-1
  - Upgraded to 1.4.16, which was relesed due to the soname
    and some DNSSEC validation failures
* Wed Feb 01 2012 Paul Wouters <paul@nohats.ca> - 1.4.15-2
  - Patch for SONAME version (libtool's -version-number vs -version-info)
* Fri Jan 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.15-1
  - Upgraded to 1.4.15
  - Updated unbound.conf to show how to configure listening on tls443
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.14-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Dec 19 2011 Paul Wouters <paul@cypherpunks.ca> - 1.4.14-1
  - Upgraded to 1.4.14 for CVE-2011-4528 / VU#209659
  - SSL-wrapped query support for dnssec-trigger
  - EDNS handling changes
  - Removed integrated EDNS patches
  - Disabled use-caps-for-id, GoDaddy domains now break on it
  - Enabled new harden-below-nxdomain
* Thu Sep 15 2011 Paul Wouters <paul@xelerance.com> - 1.4.13-1
  - Upgraded to 1.4.13
  - Removed merged in pythonmod patch
  - Added EDNS1480 patch to fix unbound on broken EDNS/UDP networks
  - Fix python to go into sitearch instead of sitelib
* Wed Sep 14 2011 Tom Callaway <spot@fedoraproject.org> - 1.4.12-4
  - convert to systemd, tmpfiles.d
* Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-3
  - Added pythonmod docs and examples
* Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-2
  - Fix for python module load in the server (Tom Hendrikx)
  - No longer enable --enable-debug as it causes degraded  performance
    under load.
* Mon Jul 18 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-1
  - Updated to 1.4.12
* Sun Jul 03 2011 Paul Wouters <paul@xelerance.com> - 1.4.11-1
  - Updated to 1.4.11
  - removed integrated CVE patch
  - updated stock unbound.conf for new options introduced
* Mon Jun 06 2011 Paul Wouters <paul@xelerance.com> - 1.4.10-1
  - Added ghost for /var/run/unbound (bz#656710)
* Mon Jun 06 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-3
  - rebuilt
* Wed May 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-2
  - Applied patch for CVE-2011-1922 DoS vulnerability
* Sun Mar 27 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-1
  - Updated to 1.4.9
* Sat Feb 12 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-2
  - rebuilt
* Tue Jan 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-1
  - Updated to 1.4.8
  - Enable root key for DNSSEC
  - Fix unbound-munin to use proper file (could cause excessive logging)
  - Build unbound-python per default
  - Disable gost as Fedora/EPEL does not allow ECC and has mangled openssl
* Tue Oct 26 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-4
  - Revert last build - it was on the wrong branch
* Tue Oct 26 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-3
  - Disable do-ipv6 per default - causes severe degradation on non-ipv6 machines
    (see comments in inbound.conf)
* Tue Jun 15 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-2
  - Bump release - forgot to upload the new tar ball.
* Tue Jun 15 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-1
  - Upgraded to 1.4.5
* Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-2
  - Added accidentally omitted svn patches to cvs
* Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-1
  - Upgraded to 1.4.4 with svn patches
  - Obsolete dnssec-conf to ensure it is de-installed
* Thu Mar 11 2010 Paul Wouters <paul@xelerance.com> - 1.4.3-1
  - Update to 1.4.3 that fixes 64bit crasher
* Tue Mar 09 2010 Paul Wouters <paul@xelerance.com> - 1.4.2-1
  - Updated to 1.4.2 
  - Updated unbound.conf with new options
  - Enabled pre-fetching DNSKEY records (DNSSEC speedup)
  - Enabled re-fetching popular records before they expire
  - Enabled logging of DNSSEC validation errors
* Mon Mar 01 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-5
  - Overriding -D_GNU_SOURCE is no longer needed. This fixes DSO issues
    with pthreads
* Wed Feb 24 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-3
  - Change make/configure lines to attempt to fix -lphtread linking issue
* Thu Feb 18 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-2
  - Removed dependancy for dnssec-conf
  - Added ISC DLV key (formerly in dnssec-conf)
  - Fixup old DLV locations in unbound.conf file via %post
  - Fix parent child disagreement handling and no-ipv6 present [svn r1953]
* Tue Jan 05 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-1
  - Updated to 1.4.1
  - Changed %define to %global
* Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-2
  - Bump version
* Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-1
  - Upgraded to 1.3.4. Security fix with validating NSEC3 records
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.3.3-2
  - rebuilt with new openssl
* Mon Aug 17 2009 Paul Wouters <paul@xelerance.com> - 1.3.3-1
  - Updated to 1.3.3
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.0-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-2
  - Added missing glob patch to cvs
  - Place python macros within the %with_python check
* Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-1
  - Updated to 1.3.0
  - Added unbound-python sub package. disabled for now
  - Patch from svn to fix DLV lookups
  - Patches from svn to detect wrong truncated response from BIND 9.6.1 with
    minimal-responses)
  - Added Default-Start and Default-Stop to unbound.init
  - Re-enabled --enable-sha2
  - Re-enabled glob.patch
* Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-7
  - unbound-iterator.patch was not commited
* Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-6
  - Fix for https://bugzilla.redhat.com/show_bug.cgi?id=499793
* Tue Mar 17 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-5
  - Use --nocheck to avoid giving an error on missing unbound-remote certs/keys
* Tue Mar 10 2009 Adam Tkac <atkac redhat com> - 1.2.1-4
  - enable DNSSEC only if it is enabled in sysconfig/dnssec
* Mon Mar 09 2009 Adam Tkac <atkac redhat com> - 1.2.1-3
  - add DNSSEC support to initscript and enabled it per default
  - add requires dnssec-conf
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Tue Feb 10 2009 Paul Wouters <paul@xelerance.com - 1.2.1-1
  - updated to 1.2.1
* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.0-2
  - rebuild with new openssl
* Wed Jan 14 2009 Paul Wouters <paul@xelerance.com - 1.2.0-1
  - Updated to 1.2.0
  - Added dependancy on minimum SSL for CVE-2008-5077
  - Added dependancy on bc for unbound-munin
  - Added minimum requirement of libevent 1.4.5. Crashes with older versions
    (note: libevent is stale in EL-4 and not in EL-5, needs fixing there)
  - Removed dependancy on selinux-policy (will get used when available)
  - Enable options as per draft-wijngaards-dnsext-resolver-side-mitigation-00.txt
  - Enable unwanted-reply-threshold to mitigate against a Kaminsky attack
  - Enable val-clean-additional to drop addition unsigned data from signed
    response.
  - Removed patches (got merged into upstream)
* Mon Jan 05 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-7
  - Modified scandir patch to silently fail when wildcard matches nothing
  - Patch to allow unbound-checkconf to find empty wildcard matches
* Mon Jan 05 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-6
  - Added scandir patch for trusted-keys-file: option, which
    is used to load multiple dnssec keys in bind file format
* Mon Dec 08 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-4
  - Added Requires: for selinux-policy >= 3.5.13-33 for proper SElinux rules.
* Mon Dec 01 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-3
  - We did not own the /etc/unbound directory (#474020)
  - Fixed cvs anomalies
* Fri Nov 28 2008 Adam Tkac <atkac redhat com> - 1.1.1-2
  - removed all obsolete chroot related stuff
  - label control certs after generation correctly
* Thu Nov 20 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-1
  - Updated to unbound 1.1.1 which fixes a crasher and
    addresses nlnetlabs bug #219
* Wed Nov 19 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-3
  - Remove the chroot, obsoleted by SElinux
  - Add additional munin plugin links supported by unbound plugin
  - Move configuration directory from /var/lib/unbound to /etc/unbound
  - Modified unbound.init and unbound.conf to account for chroot changes
  - Updated unbound.conf with new available options
  - Enabled dns-0x20 protection per default
* Wed Nov 19 2008 Adam Tkac <atkac redhat com> - 1.1.0-2
  - unbound-1.1.0-log_open.patch
    - make sure log is opened before chroot call
    - tracked as http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=219
  - removed /dev/log and /var/run/unbound and /etc/resolv.conf from
    chroot, not needed
  - don't mount files in chroot, it causes problems during updates
  - fixed typo in default config file
* Fri Nov 14 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-1
  - Updated to version 1.1.0
  - Updated unbound.conf's statistics options and remote-control
    to work properly for munin
  - Added unbound-munin package
  - Generate unbound remote-control  key/certs on first startup
  - Required ldns is now 1.4.0
* Wed Oct 22 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-5
  - Only call ldconfig in -libs package
  - Move configure into build section
  - devel subpackage should only depend on libs subpackage
* Tue Oct 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-4
  - Fix CFLAGS getting lost in build
  - Don't enable interface-automatic:yes because that
    causes unbound to listen on 0.0.0.0 instead of 127.0.0.1
* Sun Oct 19 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-3
  - Split off unbound-libs, make build verbose
* Thu Oct 09 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-2
  - FSB compliance, chroot fixes, initscript fixes
* Thu Sep 11 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-1
  - Upgraded to 1.0.2
* Wed Jul 16 2008 Paul Wouters <paul@xelerance.com> - 1.0.1-1
  - upgraded to new release
* Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-2
  - Build against ldns-1.3.0
* Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-1
  - Split of -devel package, fixed dependancies, make rpmlint happy
* Fri Apr 25 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.12
  - Using parts from ports collection entry by Jaap Akkerhuis.
  - Using Fedoraproject wiki guidelines.
* Wed Apr 23 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.11
  - Initial version.

Files

/etc/unbound
/etc/unbound/icannbundle.pem
/etc/unbound/root.key
/usr/lib/.build-id
/usr/lib/.build-id/34
/usr/lib/.build-id/34/0811c68b6c11b27d848d7339fb874883a0d5b1
/usr/lib/.build-id/43
/usr/lib/.build-id/43/33d503fbfb6c220d74ddda89c4366a63ab3a90
/usr/lib/libunbound.so.2
/usr/lib/libunbound.so.2.7.18
/usr/lib/systemd/system/unbound-anchor.service
/usr/lib/systemd/system/unbound-anchor.timer
/usr/sbin/unbound-anchor
/usr/share/doc/unbound-libs
/usr/share/doc/unbound-libs/README
/usr/share/licenses/unbound-libs
/usr/share/licenses/unbound-libs/LICENSE
/usr/share/man/man8/unbound-anchor.8.gz
/var/lib/unbound
/var/lib/unbound/root.key


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Nov 9 08:09:51 2024