The release fixes line endings in the unbound-control-setup script, and
a potential gost-hash validation failure and handles the ".onion" domain
to avoid privacy leakage.
Features
- - ip-transparent option for FreeBSD with IP_BINDANY socket option.
- - insecure-lan-zones: yesno config option, patch from Dag-Erling
Smørgrav.
- - RR Type CSYNC support RFC 7477, in debug printout and config input.
- - RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- - [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf,
patch from Daisuke Higashi.
- - Support RFC7686: handle ".onion" Special-Use Domain. It is blocked
by default, and can be unblocked with "nodefault" localzone config.
- - ub_ctx_set_stub() function for libunbound to config stub zones.
Bug Fixes
- - Fix that NSEC3 negative cache is used when there is no salt.
- - sorted ubsyms.def file with exported libunbound functions.
- - Print understandable debug log when unusable DS record is seen.
- - load gost algorithm if digest is seen before key algorithm.
- - Fix that "make install" fails due to "text file busy" error.
- - Set IPPROTO_IP6 for ipv6 sockets otherwise invalid argument error.
- - wait for sendto to drain socket buffers when they are full.
- - Neater cmdline_verbose increment patch from Edgar Pettijohn.
- - Made netbsd sendmsg test nonfatal, in case of false positives.
- - [bugzilla: 741 ] Fix: log message for dnstap socket connection is
more clear.
- - [bugzilla: 734 ] Fix: chown the pidfile if it resides inside the
chroot.
- - Fix cmsg alignment for argument to sendmsg on NetBSD.
- - Fix that unbound complains about unimplemented IP_PKTINFO for
sendmsg on NetBSD (for interface-automatic).
- - [bugzilla: 738 ] Fix: Swig should not be invoked with CPPFLAGS.
- - Squelch 'cannot assign requested address' log messages unless
verbosity is high, it was spammed after network down.
- - Fix to simplify empty string checking from Michael McConville.
- - [bugzilla: 734 ] Fix: Do not log an error when the PID file cannot
be chown'ed. Patch from Simon Deziel.
- - Fix test if -pthreads unused to use better grep for portability.
- - Fix mingw crosscompile for recent mingw.
- - Update aclocal, autoconf output with new versions (1.15, 2.4.6).
- - Define DEFAULT_SOURCE together with BSD_SOURCE when that is defined,
for Linux glibc 2.20.
- - Fixup contrib/aaaa-filter-iterator.patch for moved contents in the
source code, so it applies cleanly again. Removed unused variable
warnings.
- - [bugzilla: 729 ] Fix: omit use of escape sequences in echo since
they are not portable (unbound-control-setup).
- - remove NULL-checks before free, patch from Michael McConville.
- - updated ax_pthread.m4 to version 21 with clang support, this removes
a warning from compilation.
- - OSX portability, detect if sbrk is deprecated.
- - OSX clang, stop -pthread unused during link stage warnings.
- - OSX clang new flto check.
- - iana portlist update.
The release fixes line endings in the unbound-control-setup script, and
a potential gost-hash validation failure and handles the ".onion" domain
to avoid privacy leakage.
Features
- - ip-transparent option for FreeBSD with IP_BINDANY socket option.
- - insecure-lan-zones: yesno config option, patch from Dag-Erling
Smørgrav.
- - RR Type CSYNC support RFC 7477, in debug printout and config input.
- - RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- - [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf,
patch from Daisuke Higashi.
- - Support RFC7686: handle ".onion" Special-Use Domain. It is blocked
by default, and can be unblocked with "nodefault" localzone config.
- - ub_ctx_set_stub() function for libunbound to config stub zones.
Bug Fixes
- - Fix that NSEC3 negative cache is used when there is no salt.
- - sorted ubsyms.def file with exported libunbound functions.
- - Print understandable debug log when unusable DS record is seen.
- - load gost algorithm if digest is seen before key algorithm.
- - Fix that "make install" fails due to "text file busy" error.
- - Set IPPROTO_IP6 for ipv6 sockets otherwise invalid argument error.
- - wait for sendto to drain socket buffers when they are full.
- - Neater cmdline_verbose increment patch from Edgar Pettijohn.
- - Made netbsd sendmsg test nonfatal, in case of false positives.
- - [bugzilla: 741 ] Fix: log message for dnstap socket connection is
more clear.
- - [bugzilla: 734 ] Fix: chown the pidfile if it resides inside the
chroot.
- - Fix cmsg alignment for argument to sendmsg on NetBSD.
- - Fix that unbound complains about unimplemented IP_PKTINFO for
sendmsg on NetBSD (for interface-automatic).
- - [bugzilla: 738 ] Fix: Swig should not be invoked with CPPFLAGS.
- - Squelch 'cannot assign requested address' log messages unless
verbosity is high, it was spammed after network down.
- - Fix to simplify empty string checking from Michael McConville.
- - [bugzilla: 734 ] Fix: Do not log an error when the PID file cannot
be chown'ed. Patch from Simon Deziel.
- - Fix test if -pthreads unused to use better grep for portability.
- - Fix mingw crosscompile for recent mingw.
- - Update aclocal, autoconf output with new versions (1.15, 2.4.6).
- - Define DEFAULT_SOURCE together with BSD_SOURCE when that is defined,
for Linux glibc 2.20.
- - Fixup contrib/aaaa-filter-iterator.patch for moved contents in the
source code, so it applies cleanly again. Removed unused variable
warnings.
- - [bugzilla: 729 ] Fix: omit use of escape sequences in echo since
they are not portable (unbound-control-setup).
- - remove NULL-checks before free, patch from Michael McConville.
- - updated ax_pthread.m4 to version 21 with clang support, this removes
a warning from compilation.
- - OSX portability, detect if sbrk is deprecated.
- - OSX clang, stop -pthread unused during link stage warnings.
- - OSX clang new flto check.
- - iana portlist update.
