cy
51112a15b9
MFV r361322:
...
Update unbound 1.9.6 --> 1.10.1.
Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.
Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663
2020-05-21 21:00:46 +00:00
cy
6a71b7809e
Unbound's config.h is manually maintained, using a ./configure produced
...
config.h as a guide. In practice contributed software maintains a copy
of config.h within its build directory tree containing its Makefile.
usr.sbin/unbound is the home for its config.h.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22983
2020-01-13 06:55:31 +00:00
cy
3087a96bc4
MFV r356143:
...
Update unbound 1.9.2 --> 1.9.6.
MFC after: 3 days
Security: CVE-2019-18934 (fixed by 1.9.5)
2019-12-31 15:50:41 +00:00
des
a26dd17d56
Upgrade Unbound to 1.9.2.
2019-07-04 08:40:10 +00:00
des
27f0539ab9
Merge upstream r4932: turn so-reuseport option off by default.
...
MFC after: 3 days
2018-11-01 23:42:35 +00:00
des
7419258c5c
Try harder to sanitize the environment before running configure.
...
Remove a workaround for older Unbound versions that used sbrk.
Approved by: re (gjb)
2018-10-10 22:29:06 +00:00
des
0b62c2b8b2
Upgrade to 1.8.1.
...
Approved by: re (kib)
2018-10-10 08:53:47 +00:00
des
eb21be2606
Upgrade Unbound to 1.8.0. More to follow.
...
Approved by: re (kib)
2018-10-10 07:55:06 +00:00
jkim
b13e04a27e
Make unbound buildable.
2018-09-19 07:03:28 +00:00
jkim
192af730df
Revert r338774. Unrelated changes were committed with Apache Serf.
2018-09-19 06:56:37 +00:00
jkim
7cc69f42ae
Update Apache Serf to 1.3.9 to make it buildable with OpenSSL 1.1.1.
2018-09-19 06:49:55 +00:00
des
3526ab7018
Upgrade Unbound to 1.7.3. More to follow.
...
Approved by: re (kib@)
2018-09-10 17:37:34 +00:00
des
d80a9d8e56
Upgrade Unbound to 1.7.2. More to follow.
...
Approved by: re (kib@)
2018-09-10 16:56:44 +00:00
des
bb2118ef40
Rename all Unbound binaries and man pages from unbound* to local-unbound*.
...
PR: 222902
2018-05-12 17:10:36 +00:00
des
6c94117e62
Upgrade Unbound to 1.7.1.
2018-05-12 15:20:39 +00:00
des
62789ed6aa
Upgrade Unbound to 1.7.0. More to follow.
2018-05-12 15:04:05 +00:00
des
142fac78a4
Upgrade Unbound to 1.6.8. More to follow.
2018-05-12 14:57:42 +00:00
des
9d601fb636
No reason to keep this around.
2018-05-12 14:51:53 +00:00
des
cdf1d61589
Upgrade Unbound to 1.6.7. More to follow.
2018-05-12 14:51:18 +00:00
des
48dec7a67f
Upgrade Unbound to 1.6.6. More to follow.
2018-05-12 14:48:38 +00:00
des
cd725d1e75
Upgrade Unbound to 1.6.5. More to follow.
2018-05-12 14:39:41 +00:00
des
c7bc6bcc6a
Upgrade Unbound to 1.6.4. More to follow.
2018-05-12 14:36:58 +00:00
des
d9872a36e6
Upgrade Unbound to 1.6.3. More to follow.
2018-05-12 14:19:14 +00:00
des
bf48865e7d
Upgrade Unbound to 1.6.2. More to follow.
2018-05-12 14:15:39 +00:00
des
8b73549d44
Upgrade Unbound to 1.6.1. More to follow.
2018-05-12 14:04:48 +00:00
des
033739542f
Upgrade Unbound to 1.6.0. More to follow.
2018-05-12 12:57:34 +00:00
des
f6a79c1703
Merge upstream r4302 to support multiple concurrently valid anchors.
...
If an unpatched unbound-anchor is run without a preexisting root anchor
between 2017-09-11 and 2017-10-11, it will fail and Unbound will not be
able to start unless the validator is disabled. An EN will be issued
with patches for existing systems and information on how to work around
the issue on new installations.
2017-08-31 12:02:14 +00:00
des
8443fee657
Upgrade to Unbound 1.5.10.
2016-09-29 18:24:29 +00:00
des
b8710acf41
Upgrade to Unbound 1.5.9.
2016-09-04 12:17:57 +00:00
des
2a21f7140f
Apply upstream r3651: the IPv6 address of the L root has changed.
2016-03-11 14:57:40 +00:00
des
333413e33d
Upgrade to Unbound 1.5.8.
2016-03-05 19:29:18 +00:00
des
a94c4c08ce
Use the new insecure-lan-zones option instead of listing each AS112 zone
...
separately.
MFC after: 3 days
2016-02-11 17:37:02 +00:00
sobomax
fbaeae6294
Root out files that don't really belong here and could in fact screw
...
you over if you happen to use git for FreeBSD development, as it is
the case with the unbound/.gitignore, which lits files that are
actually required for the buildworld.
MFC after: 1 day
2016-02-02 19:04:40 +00:00
des
f2bca8d61d
Upgrade to Unbound 1.5.7.
2015-12-14 13:01:51 +00:00
des
1bf9dc7fc4
Ask make(1) which compiler to use rather than rely on whatever is in $PATH.
2015-12-12 22:54:12 +00:00
des
a320991678
Apply r3505 (s/SIGQUIT/SIGTERM/ in man page)
...
PR: 203580
2015-10-14 18:08:38 +00:00
des
4350483166
Upgrade to Unbound 1.5.5.
2015-10-09 11:46:27 +00:00
des
870d2cd235
When chrooted, we need to strip the chroot directory from the front of
...
included paths. Don't forget to do it for globs as well.
2015-09-17 16:19:36 +00:00
des
c5050a3b9f
Upgrade to Unbound 1.5.4.
2015-09-17 16:10:11 +00:00
des
08fe3b61a6
Upgrade Unbound to 1.5.3.
2015-04-27 12:06:13 +00:00
des
84a33eb82c
MFV (r277045): merge upstream version of the local socket patch.
2015-01-12 09:46:49 +00:00
des
266f3b9335
mfv (r276698): support for remote control over local sockets.
2015-01-05 14:59:18 +00:00
des
db2be144cc
Add generated files.
2015-01-03 11:52:43 +00:00
des
7e4640559c
Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
...
adopted upstream, greatly reducing the diff.
2015-01-03 02:40:51 +00:00
des
5606bb1e5a
Recognize the lexer and parser sources.
2015-01-03 00:31:52 +00:00
delphij
a526ff1d89
MFV r275844:
...
Fix unbound remote denial of service vulnerability.
Security: FreeBSD-SA-14:30.unbound
Security: CVE-2014-8602
2014-12-17 06:55:44 +00:00
des
d3e404ac25
Clean up the libunbound build to avoid accidentally regenerating the
...
configuration lexer and parser during buildworld. Instead of being
included in the source as it is in the upstream distribution, the code is
now always generated (in ${.OBJDIR}) at build time.
PR: 190739
MFC after: 1 week
2014-07-19 18:38:48 +00:00
des
d96c67cabd
Import unblock-lan-zones feature backported from upstream svn trunk.
...
This is a partial fix for reverse lookups in RFC 1918 networks. With
this option enabled, unbound no longer ignores these queries; however,
it will still reject the answer it gets from the forwarder, because
the RFC 1918 reverse zones are signed.
Submitted by: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
2014-07-18 11:32:44 +00:00
des
702c9d2a00
Move libworker_event_done_cb() from libworker.h to worker.h.
2014-05-27 23:39:28 +00:00
des
710d2272e0
regenerate
2014-05-15 19:48:52 +00:00