d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
25039b37d3
freebsd-dev/contrib/unbound/README.md
Cy Schubert 091e9e469b MFV r361322: 
Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
 - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
   query into a large number of queries directed to a target.
 - CVE-2020-12663 Malformed answers from upstream name servers can be
   used to make Unbound unresponsive.

Reported by:	emaste
MFC after:	3 days
Relnotes:	yes
Security:	CVE-2020-12662, CVE-2020-12663
2020-05-21 21:00:46 +00:00

1.8 KiB
Raw Blame History

Unbound

Travis Build Status Packaging status Fuzzing Status

Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards. If you have any feedback, we would love to hear from you. Dont hesitate to create an issue on Github or post a message on the Unbound mailing list. You can lean more about Unbound by reading our documentation.

Compiling

Make sure you have the C toolchain, OpenSSL and its include files, and libexpat installed. Unbound can be compiled and installed using:

./configure && make && make install

You can use libevent if you want. libevent is useful when using many (10000) outgoing ports. By default max 256 ports are opened at the same time and the builtin alternative is equally capable and a little faster.

Use the --with-libevent=dir configure option to compile Unbound with libevent support.

Unbound configuration

All of Unbound's configuration options are described in the man pages, which will be installed and are available on the Unbound documentation page.

An example configuration file is located in doc/example.conf.