-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-b129e67fab 2018-10-18 03:53:20.001335 --------------------------------------------------------------------------------
Name : unbound Product : Fedora 27 Version : 1.7.3 Release : 10.fc27 URL : https://www.unbound.net/ Summary : Validating, recursive, and caching DNS(SEC) resolver Description : Unbound is a validating, recursive, and caching DNS(SEC) resolver.
The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net.
Unbound is designed as a set of modular components, so that also DNSSEC (secure DNS) validation and stub-resolvers (that do not run as a server, but are linked into an application) are easily possible.
-------------------------------------------------------------------------------- Update Information:
- Do not fail on unreachable ipv6 forwarders - Try to solve occasional crashes. Way to reproduce is not known, backported some fixes from upstream. -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 2 2018 Petr Men����k pemensik@redhat.com - 1.7.3-10 - Try to fix occasional crash (#1562594) * Mon Oct 1 2018 Petr Men����k pemensik@redhat.com - 1.7.3-9 - Skip ipv6 forwarders without ipv6 support (#1633874) * Tue Jul 31 2018 Petr Men����k pemensik@redhat.com - 1.7.3-8 - Release memory in unbound-host * Mon Jul 23 2018 Petr Men����k pemensik@redhat.com - 1.7.3-7 - Remove unused Group tag * Wed Jul 18 2018 Petr Men����k pemensik@redhat.com - 1.7.3-6 - Cleanup generated client and server keys (#1601773) * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 1.7.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jul 9 2018 Petr Men����k pemensik@redhat.com - 1.7.3-4 - Do not call ldconfig if possible * Wed Jul 4 2018 Petr Men����k pemensik@redhat.com - 1.7.3-3 - Update trust anchors also behind firewall (#1598078) * Mon Jul 2 2018 Miro Hron��ok mhroncok@redhat.com - 1.7.3-2 - Rebuilt for Python 3.7 * Wed Jun 27 2018 Petr Men����k pemensik@redhat.com - 1.7.3-1 - Update to 1.7.3 (#1593708) * Wed Jun 27 2018 Petr Men����k pemensik@redhat.com - 1.7.2-3 - Remove last python2 dependency from python3 build * Tue Jun 19 2018 Miro Hron��ok mhroncok@redhat.com - 1.7.2-2 - Rebuilt for Python 3.7 * Mon Jun 11 2018 Paul Wouters pwouters@redhat.com - 1.7.2-1 - Resolves rhbz#1589807 unbound-1.7.2 is available - Add patch to fix stub/forward zone not returning ServFail when TTL expires - Enabled the new root-key-sentinel option * Wed May 30 2018 Petr Men����k pemensik@redhat.com - 1.7.1-1 - Update to 1.7.1 (#1574495) * Mon Apr 9 2018 Petr Men����k pemensik@redhat.com - 1.7.0-5 - Require gcc and make on build - Remove group, simplify systemd requires - Simplify building with single python version, make python3 primary * Mon Apr 9 2018 Paul Wouters pwouters@redhat.com - 1.7.0-4 - Patch for prefetching after flushing cache * Fri Apr 6 2018 Paul Wouters pwouters@redhat.com - 1.7.0-3 - Patch for referral with auth-zone: response * Wed Mar 21 2018 Paul Wouters pwouters@redhat.com - 1.7.0-2 - Patch for broken Aggressive NSEC + stub-zone configuration causing NXDOMAIN at TTL expiry * Thu Mar 15 2018 Paul Wouters pwouters@redhat.com - 1.7.0-1 - Updated to 1.7.0 (aggressive nsec, local root support, bugfixes) * Thu Feb 22 2018 Petr Men����k pemensik@redhat.com - 1.6.8-6 - Uncomment again original max-upd-size * Wed Feb 21 2018 Petr Men����k pemensik@redhat.com - 1.6.8-5 - Use default RPM build flags and configure parameters (#1539097) * Wed Feb 21 2018 Petr Men����k pemensik@redhat.com - 1.6.8-4 - Remove group writable bit from some config files (#1528445) * Wed Feb 14 2018 Filipe Rosset rosset.filipe@gmail.com - 1.6.8-3 - rebuilt due new libevent 2.1.8 * Fri Feb 9 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 1.6.8-2 - Escape macros in %changelog * Mon Jan 22 2018 Paul Wouters pwouters@redhat.com - 1.6.8-1 - Resolves rhbz#1483572 unbound-1.6.8 is available - Resolves rhbz#1507049 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records - Resolves rhbz#1536518 CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records [fedora-all] * Sun Dec 17 2017 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 1.6.7-2 - Python 2 binary package renamed to python2-unbound See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 * Thu Oct 12 2017 Paul Wouters pwouters@redhat.com - 1.6.7-1 - Updated to 1.6.7 (minor bugfixes) * Tue Oct 3 2017 Petr Men����k pemensik@redhat.com - 1.6.6-3 - Update icannbundle.pem -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1633874 - Request to incorporate fix for forwarding without ipv6 connectivity https://bugzilla.redhat.com/show_bug.cgi?id=1633874 [ 2 ] Bug #1562594 - Unbound 1.7.0 crashes with a buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1562594 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-b129e67fab' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org