Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package unbound for openSUSE:Factory checked 
in at 2023-09-07 21:12:20
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/unbound (Old)
 and      /work/SRC/openSUSE:Factory/.unbound.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "unbound"

Thu Sep  7 21:12:20 2023 rev:62 rq:1109502 version:1.18.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/unbound/libunbound-devel-mini.changes    
2023-08-30 10:21:02.589346898 +0200
+++ /work/SRC/openSUSE:Factory/.unbound.new.1766/libunbound-devel-mini.changes  
2023-09-07 21:12:41.809210520 +0200
@@ -1,0 +2,65 @@
+Thu Sep  7 08:03:33 UTC 2023 - Pedro Monreal <pmonr...@suse.com>
+
+- Update to 1.18.0:
+  * Features:
+    - Аdd a metric about the maximum number of collisions in lrushah.
+    - Set max-udp-size default to 1232. This is the same default value
+      as the default value for edns-buffer-size. It restricts client
+      edns buffer size choices, and makes unbound behave similar to
+      other DNS resolvers.
+    - Add harden-unknown-additional option. It removes unknown records
+      from the authority section and additional section.
+    - Added new static zone type block_a to suppress all A queries for
+      specific zones.
+    - [FR] Ability to use Redis unix sockets.
+    - [FR] Ability to set the Redis password.
+    - Features/dropqueuedpackets, with sock-queue-timeout option that
+      drops packets that have been in the socket queue for too long.
+      Added statistics num.queries_timed_out and query.queue_time_us.max
+      that track the socket queue timeouts.
+    - 'eqvinox' Lamparter: NAT64 support.
+    - [FR] Use kernel timestamps for dnstap.
+    - Add cachedb hit stat. Introduces 'num.query.cachedb' as a new
+      statistical counter.
+    - Add SVCB dohpath support.
+    - Add validation EDEs to queries where the CD bit is set.
+    - Add prefetch support for subnet cache entries.
+    - Add EDE (RFC8914) caching.
+    - Add support for EDE caching in cachedb and subnetcache.
+    - Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server
+      cookies for clients that send client cookies. This needs to be explicitly
+      turned on in the config file with: `answer-cookie: yes`.
+  * Bug Fixes
+    - Response change to NODATA for some ANY queries since 1.12.
+    - Fix not following cleared RD flags potentially enables
+      amplification DDoS attacks.
+    - Set default for harden-unknown-additional to no. So that it
+      does not hamper future protocol developments.
+    - Fix to ignore entirely empty responses, and try at another authority.
+      This turns completely empty responses, a type of noerror/nodata into
+      a servfail, but they do not conform to RFC2308, and the retry can fetch
+      improved content.
+    - Allow TTL refresh of expired error responses.
+    - Fix: Unexpected behavior with client-subnet-always-forward and 
serve-expired
+    - Fix unbound-dnstap-socket test program to reply the finish frame over
+      a TLS connection correctly.
+    - Fix: reserved identifier violation
+    - Fix: Unencrypted query is sent when forward-tls-upstream: yes is used
+      without tls-cert-bundle
+    - Extra consistency check to make sure that when TLS is requested,
+      either we set up a TLS connection or we return an error.
+    - Fix: NXDOMAIN instead of NOERROR rcode when asked for existing CNAME 
record.
+    - Fix: Bad interaction with 0 TTL records and serve-expired
+    - Fix RPZ IP responses with trigger rpz-drop on cache entries.
+    - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR.
+    - Fix dereference of NULL variable warning in mesh_do_callback.
+    - Fix ip_ratelimit test to work with dig that enables DNS cookies.
+    - Fix for iter_dec_attempts that could cause a hang, part of capsforid
+      and qname minimisation, depending on the settings.
+    - Fix uninitialized memory passed in padding bytes of cmsg to sendmsg.
+    - Fix stat_values test to work with dig that enables DNS cookies.
+    - unbound.service: Main process exited, code=killed, status=11/SEGV.
+      Fixes cachedb configuration handling.
+    - Fix: processQueryResponse() THROWAWAY should be mindful of fail_reply.
+
+-------------------------------------------------------------------
unbound.changes: same change

Old:
----
  unbound-1.17.1.tar.gz
  unbound-1.17.1.tar.gz.asc

New:
----
  unbound-1.18.0.tar.gz
  unbound-1.18.0.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libunbound-devel-mini.spec ++++++
--- /var/tmp/diff_new_pack.ScKYUD/_old  2023-09-07 21:12:44.933322200 +0200
+++ /var/tmp/diff_new_pack.ScKYUD/_new  2023-09-07 21:12:44.937322343 +0200
@@ -22,7 +22,7 @@
 %bcond_without hardened_build
 #
 Name:           libunbound-devel-mini
-Version:        1.17.1
+Version:        1.18.0
 #!BcntSyncTag: unbound
 Release:        0
 Summary:        Just a devel package for build loops

++++++ unbound.spec ++++++
--- /var/tmp/diff_new_pack.ScKYUD/_old  2023-09-07 21:12:44.973323630 +0200
+++ /var/tmp/diff_new_pack.ScKYUD/_new  2023-09-07 21:12:44.977323773 +0200
@@ -33,7 +33,7 @@
 %define piddir /run
 
 Name:           unbound
-Version:        1.17.1
+Version:        1.18.0
 Release:        0
 BuildRequires:  flex
 BuildRequires:  ldns-devel >= %{ldns_version}

++++++ unbound-1.17.1.tar.gz -> unbound-1.18.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/unbound/unbound-1.17.1.tar.gz 
/work/SRC/openSUSE:Factory/.unbound.new.1766/unbound-1.18.0.tar.gz differ: char 
18, line 1

Reply via email to