Maintained by: NLnet Labs

[Unbound-users] [NLnet Labs Maintainers] unbound 1.4.18rc2 maintainers prerelease

W.C.A. Wijngaards
Mon Jul 30 10:20:29 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Here is 1.4.18rc2, second release candidate, for download:
http://unbound.net/downloads/unbound-1.4.18rc2.tar.gz
sha1 3f959022b1d008f5e066bd6c2049c910e2f9cab0
sha256 2c262d2cb5f17ba35758f565cc4cd07d1ec3f739212b5d6c337ca37af24cbbf8

http://unbound.net/downloads/unbound_setup_1.4.18rc2.exe

This is identical to rc1, but fixes a bogus nodata cname chain which
was not reported as bogus by validator (Thanks Peter van Dijk).

Best regards,
   Wouter

On 07/26/2012 11:47 AM, W.C.A. Wijngaards wrote:
> Hi,
> 
> Unbound 1.4.18rc1 is available for download: 
> http://unbound.net/downloads/unbound-1.4.18rc1.tar.gz sha1
> e1d765195beddb5489029e7ad09d032ffd8563fd sha256
> 110c19aa28b54b510b2b00941089e8d32fbb0e2320f1c657bdf3347d1d6f63d3
> 
> http://unbound.net/downloads/unbound_setup_1.4.18rc1.exe
> 
> This release has bugfixes, notably two assertion failures.
> 
> There is a build feature to build with libnss, but only to compile 
> libunbound not the unbound daemon (because of its remote control 
> functions) at this time.  You have to link with libldns compiled 
> --without-ssl, otherwise ldns links with openssl.
> 
> There is some support for FIPS-compliant mode, where it will 
> understand that some algorithms are not available, those DNSSEC 
> results are then marked 'insecure' (and not 'bogus').
> 
> 
> Features implement log-time-ascii on windows. 
> --with-libunbound-only build option, only builds the library and 
> not the daemon and other tools. --with-nss build option (for now,
> --with-libunbound-only), uses libNSS for crypto operations. disable
> RSAMD5 if in FIPS mode (for openssl and for libnss). Add
> flush_bogus option for unbound-control.
> 
> Bug Fixes Fix libunbound report of errors when in background mode. 
> [bugzilla: 454 ] Fix for ACX_CHECK_COMPILER_FLAG from configure.ac,
> if CFLAGS is specified at configure time then '-g -O2' is not
> appended to CFLAGS, so that the user can override them. FIPS_mode
> openssl does not use arc4random but RAND_pseudo_bytes. fix missing
> break for GOST DS hash function. implemented forward_first for the
> root. code review: return value of cache_store can be ignored for
> better performance in out of memory conditions. patch for
> unbound_munin_ script to handle arbitrary thread count by Sven
> Ulland. Fix validation of qtype DS queries that result in no data
> for non-optout NSEC3 zones. fix edns-buffer-size and
> msg-buffer-size manpage documentation. fix error handling of alloc
> failure during rrsig verification. The key-cache bad key ttl is now
> 60 seconds. [bugzilla: 452 ] fix crash on assert in
> mesh_state_attachment. Fixes DS NS search to not generate duplicate
> sub queries. silence warning from swig-generated code (md set but
> not used in swig initmodule, due to ifdefs in swig-generated
> code). Fix debian-bugs-658021: Please enable hardened build flags. 
> update iana ports list
> 
> Best regards, Wouter 
> _______________________________________________ maintainers mailing
> list maintainers at nlnetlabs.nl 
> http://nlnetlabs.nl/mailman/listinfo/maintainers
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQFkPNAAoJEJ9vHC1+BF+N6EwP/3NFijiPr4erLjndEHEjObgD
5ZZL/Ji0S0MhzIR+yBXuNB4ILgp3+ke9XCtxAonFf9nW1h5FXzou0xIDh2fEwOtL
wEsuSn2FT6mMFuiFUImw1/zffT1rK6D3tmtp10OxC0MYOVR70SrkA/DA+blVU96K
sp0GF7IcbJvB63K0w+HTIkBborIgJDrrj8NGByDZ7H74Q965oDMavFbjuhrSnhgK
oN/U6QJZKGTdQ9DPwcDCwlexWtNkueozeJJKkALhGlheOfvXVdYEOy/00UcezZEe
0ltr5O5T0VO6IJUvxZOu/9VMhiWgBZ2VTfX452K31CpnbCA6GHzQriqkbvbAtgut
yXkcugNVYW5yq9dHLqYDodUtiiZE6qLVS7pooygy3w/QjPg63hycVQyGNGhhA2rd
/J1gYS2r+MVqWup//jOPD5vMkXrOZGkYFmI18xKz1MDdLA9Knz/TJILcJe6K2UvR
gPVn27uSfCpVpQVuhuczJepOWPU1cPwayWaItukqEP/Q1c4JVHlOKk70zBte+Mnf
Uehz9sCt3A4Jb8L8+TlYSoTsp4kaqJsJIzh7dmFXKOLPfi9KhwoA67gGZsApGjrr
o4XcGyO7YLPwKgnFKBDHK3z978L0klY0O9sUEgXBgmxmsN6RR8RLbKH0FxcPNUY1
ceQnX8xUCLHhjemLZ8jC
=G8jG
-----END PGP SIGNATURE-----