Maintained by: NLnet Labs

[Unbound-users] Unbound 1.4.22 released

W.C.A. Wijngaards
Wed Mar 12 15:20:52 CET 2014

Hash: SHA1


Unbound 1.4.22 is available,
sha1 a56e31e2f3a2fefa3caaad9200dd943d174ca81e
sha256 1caf5081b2190ecdb23fc4d998b7999e28640c941f53baff7aee03c092a7d29f

This release can be compiled without libldns, the necessary code has
been included in the source.

- - separate ldns into core ldns inside ldns/ subdirectory.  No more
  configure --with-ldns is needed and unbound does not rely on libldns.
- - Accept ip-address: as an alternative for interface: for
  consistency with nsd.conf syntax.
- - Fix ref#536: acl_deny_non_local and refuse_non_local added.
- - so-reuseport: yesno option to distribute queries evenly over
  threads on Linux (Thanks Robert Edmonds).
  Reuseport is attempted, then fallback to without on failure.
- - delay-close: msec option that delays closing ports for which
  the UDP reply has timed out.  Keeps the port open, only accepts
  the correct reply.  This correct reply is not used, but the port
  is open so that no port-denied ICMPs are generated.

Bug Fixes
- - Fix #528: if very high logging (4 or more) segfault on allow_snoop.
- - Fix #531: Set SO_REUSEADDR so that the wildcard interface and a
  more specific interface port 53 can be used at the same time, and
  one of the daemons is unbound.
- - if configured --with-libunbound-only fix make install.
- - Patch from Neel Goyal to fix callback in libunbound.
- - Patch from Neel Goyal to fix async id assignment if callback
  is called by libunbound in the mesh attach.
- - Fix bug#537: compile python plugin without ldns library.
- - Windows port, adjust %lld to %I64d, and warning in win_event.c.
- - Fix #544: Fixed +i causes segfault when running with module conf
- - Fix #547: no trustanchor written if filesystem full, fclose checked.
- - unbound-event.h is installed if you configure --enable-event-api.
  It contains low-level library calls, that use libevent's event_base
  and a wireformat return packet in a buffer to perform async
  resolution in the client's eventloop.
- - speed up unbound, by reducing lock contention on localzones.lock.
- - Fix parse (in ldns) of quoted parenthesized text strings.
- - Detect libevent2 install automatically by configure and fixup
  link with lib/event2 subdir.
- - Fix #551: License change "Regents" to "Copyright holder", matching
  the BSD license on
- - Fix parse of #553(NSD) string in sldns, quotes without spaces.
- - Be lenient when a NSEC NameError response with RCODE=NXDOMAIN is
  received. This is okay according 4035, but not after revising
  existence in 4592.  NSEC empty non-terminals exist and thus the
  RCODE should have been NOERROR. If this occurs, and the RRsets
  are secure, we set the RCODE to NOERROR and the security status
  of the response is also considered secure.
- - iana portlist updated.
- - Fix bug#561: contrib/cacti plugin did not report SERVFAIL rcodes
  because of spelling.  Patch from Chris Coates.

Best regards,
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird -