Fedora 18 Update: unbound-1.4.20-3.fc18
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jun 11 09:07:25 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-9852
2013-06-02 01:18:25
--------------------------------------------------------------------------------
Name : unbound
Product : Fedora 18
Version : 1.4.20
Release : 3.fc18
URL : http://www.nlnetlabs.nl/unbound/
Summary : Validating, recursive, and caching DNS(SEC) resolver
Description :
Unbound is a validating, recursive, and caching DNS(SEC) resolver.
The C implementation of Unbound is developed and maintained by NLnet
Labs. It is based on ideas and algorithms taken from a java prototype
developed by Verisign labs, Nominet, Kirei and ep.net.
Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run
as a server, but are linked into an application) are easily possible.
--------------------------------------------------------------------------------
Update Information:
Enable round-robin, minimal responses and move root.key to /var/lib/unbound
Mostly a minor bugfix release by upstream, unbound-anchor made more selinux friendly, hardened build
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 31 2013 Paul Wouters <pwouters at redhat.com> - 1.4.20-3
- Enable round-robin (with noths() patch)
- Use /var/lib/unbound/root.key (more consistent with other distros)
- Enable minimal responses
* Tue Apr 16 2013 Paul Wouters <pwouters at redhat.com> - 1.4.20-1
- Updated to 1.4.20
- Build with full RELRO (not use -z,relro but with -z,relo,-z,now)
- Fixup man page for unbound-control-setup
- unbound.service should start before nss-lookup.target (rhbz#919955)
- Removed patch for rhbz#888759 merged in upstream
- Move root.anchor to /var/lib/unbound to make selinux policy easier for updating (rhbz#896599/rhbz#891008)
- Move cronjob for root.anchor from unbound to unbound-libs, require crontabs
- /etc/unbound (and all) should be owned by unbound-libs (rhbz#909691)
- Remove Obsolete/Provides for dnssec-conf which was last seen in f13
- Ensure any unbound-anchor failure in post is ignored
- Use install -p to prevent .rpmnew files that are identical to originals
* Tue Mar 5 2013 Adam Tkac <atkac redhat com> - 1.4.19-5
- build with full RELRO
- symlink unbound-control-setup.8 manpage to unbound-control.8
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.19-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Dec 12 2012 Paul Wouters <pwouters at redhat.com> - 1.4.19-3
- Updated to 1.4.19 - this integrates all existing patches
- Patch for unbound-anchor (rhbz#888759)
* Fri Nov 9 2012 Paul Wouters <pwouters at redhat.com> - 1.4.18-6
- Patch to ensure stube-zone's aren't lost when using dnssec-triggerd
- added unbound-munin.README file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #919955 - unbound.service doesn't mark itself as providing nss-lookup.target
https://bugzilla.redhat.com/show_bug.cgi?id=919955
[ 2 ] Bug #888759 - unbound: unbound-anchor does not disable internal XML entity expansion
https://bugzilla.redhat.com/show_bug.cgi?id=888759
[ 3 ] Bug #896599 - SELinux is preventing /usr/sbin/unbound-anchor from 'remove_name' accesses on the directory root.anchor.9143-0.
https://bugzilla.redhat.com/show_bug.cgi?id=896599
[ 4 ] Bug #891008 - SELinux is preventing /usr/sbin/unbound from write access on the directory /etc/unbound.
https://bugzilla.redhat.com/show_bug.cgi?id=891008
[ 5 ] Bug #909691 - /etc/unbound should be owned by unbound-libs, not unbound
https://bugzilla.redhat.com/show_bug.cgi?id=909691
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update unbound' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list