633d7e1337
OBS-URL: https://build.opensuse.org/request/show/417269 OBS-URL: https://build.opensuse.org/package/show/server:dns/dnscrypt-proxy?expand=0&rev=10
120 lines
4.7 KiB
Plaintext
120 lines
4.7 KiB
Plaintext
-------------------------------------------------------------------
|
|
Sat Aug 6 04:14:25 UTC 2016 - i@marguerite.su
|
|
|
|
- update version 1.7.0
|
|
* Plugins are now enabled by default.
|
|
* New command-line option: `--ignore-timestamps` to ignore timestamps
|
|
when performing certificate validation.
|
|
* New command-line option: `--syslog-prefix` to add a prefix to log
|
|
messages.
|
|
* Certificates can now be retrieved using TCP.
|
|
* Libevent was updated to version 2.0.23.
|
|
* Certificates serial numbers are printed as a string if possible.
|
|
* The list of known public resolvers was updated.
|
|
- add upstream's systemd socket, fix boo#977946 again
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 9 09:59:26 UTC 2016 - i@marguerite.su
|
|
|
|
- fix boo#977946 & boo#957003
|
|
* use %fillup_only macro right. can't skip "-n", or it'll use
|
|
package name while sysconfig.dnscrypt-proxy doesn't exist.
|
|
- use %fillup_prereq macro
|
|
- move libraries out from -devel subpackage, it's just not right.
|
|
- don't link dnscrypt-proxy.8.gz to dnscrypt.8.gz
|
|
- don't link /sbin/service to /sbin/rcdnscrypt.
|
|
* that method is used for backward compability w/ systemd service
|
|
while /sbin/dnscrypt is a wrapper to the actual command, and
|
|
dnscrypt is not a valid service name but dnscrypt-proxy.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 12 00:00:00 CET 2016 - dsterba@suse.cz
|
|
|
|
* version 1.6.1:
|
|
- Security: malformed packets could cause the OpenDNS deviceid,
|
|
OpenDNS set-client-ip, blocking and AAAA blocking plugins to use
|
|
uninitialized pointers, leading to a denial of service or possibly
|
|
code execution. The vulnerable code is present since dnscrypt-proxy
|
|
1.1.0. OpenDNS users and people using dnscrypt-proxy in order to block
|
|
domain names and IP addresses should upgrade as soon as possible.
|
|
|
|
- add dnscrypt-resolvers.csv from git (41c6d8bb1f49a0216357)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 18 00:00:00 CET 2015 - dsterba@suse.cz
|
|
|
|
- add dnscrypt-resolvers.csv from git (e6b4e93d07bdce39d4656c5a6)
|
|
- change default resolver to cisco (bnc#957003)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 1 00:00:00 CEST 2015 - dsterba@suse.cz
|
|
|
|
* version 1.6.0:
|
|
- New feature: public-key based client authentication (-K), for private and
|
|
commercial DNS services to securely authenticate the sender of a query no
|
|
matter what the source IP address is, without altering the DNS query.
|
|
* version 1.5.0:
|
|
- New option: -E, to use an ephemeral key pair for each query.
|
|
- Logging to files is supported on Windows.
|
|
- TCP FASTOPEN is now enabled on Linux.
|
|
* version 1.4.4
|
|
- edns used by default
|
|
- server list updated
|
|
- various build fixes
|
|
- spec file cleanup
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 6 00:00:00 CET 2015 - dsterba@suse.cz
|
|
|
|
- update to 1.4.3
|
|
- libevent update, including a fix for CVE-2014-6272
|
|
- Two new public dnscrypt resolvers were added: opennic-us-wa-ns1 and
|
|
dnscrypt.org-fr
|
|
- d0wn servers in France IP have changed.
|
|
- Compilation fixes.
|
|
- version 1.4.2
|
|
- New compilation switch: --with-systemd, to enable socket activation support
|
|
when using systemd
|
|
- The list of public DNSCrypt-enabled resolvers was updated
|
|
- Libevent2 updates
|
|
- add sysconfig file for more flexible configuration
|
|
- build -devel package and enable plugins
|
|
- create user dnscrypt:dnscrypt during installation
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 1 15:04:43 CEST 2014 - dsterba@suse.cz
|
|
|
|
- update to 1.4.1
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 2 11:27:44 UTC 2014 - i@marguerite.su
|
|
|
|
- update version 1.4.0
|
|
* see https://github.com/jedisct1/dnscrypt-proxy/commits/master
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 23 16:58:22 UTC 2012 - i@marguerite.su
|
|
|
|
- fix a hang bug in dnscrypt.service
|
|
- upstream clarify license, it's BSD.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Oct 21 18:28:26 UTC 2012 - i@marguerite.su
|
|
|
|
- add systemd service.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Oct 21 12:57:13 UTC 2012 - i@marguerite.su
|
|
|
|
- Version 1.2.0:
|
|
* A pre-filter can now totally bypass the resolver and directly send a
|
|
reply to the client.
|
|
* A new example plugin has been shipped: ldns-aaaa-blocking. It
|
|
directly sends an empty response to AAAA queries in order to
|
|
significantly speed up lookups on hosts without IPv6 connectivity
|
|
(but with clients still asking for AAAA records anyway).
|
|
* Example plugins requiring ldns can be compiled on Windows.
|
|
* Paths with a drive name are now recognized as absolute paths on
|
|
Windows.
|
|
|