Accepting request 401843 from home:stroeder:branches:server:dns

update to 1.5.9 (successfully tested on Tumbleweed x86_64)

OBS-URL: https://build.opensuse.org/request/show/401843
OBS-URL: https://build.opensuse.org/package/show/server:dns/unbound?expand=0&rev=39

unbound-1.5.8.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:33567a20f73e288f8daa4ec021fbb30fe1824b346b34f12677ad77899ecd09be
-size 4895649

unbound-1.5.9.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:01328cfac99ab5b8c47115151896a244979e442e284eb962c0ea84b7782b6990
+size 4924965

unbound.changes

@@ -1,3 +1,83 @@
+-------------------------------------------------------------------
+Sat Jun  4 14:26:35 UTC 2016 - michael@stroeder.com
+
+- update to 1.5.9
+
+Features
+  * generic edns option parse and store code.
+  * Updated L root IPv6 address.
+  * User defined pluggable event API for libunbound
+  * ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for binding 
+    to an IP address while the interface or address is down.
+  * OpenSSL 1.1.0 portability, --disable-dsa configure option.
+  * disable-dnssec-lame-check config option from Charles Walker.
+
+Bug Fixes
+  * [bugzilla: 745 ]
+  * Fix unbound.py - idn2dname throws UnicodeError when idnname contains
+    trailing dot.
+  * configure tests for the weak attribute support by the compiler.
+  * [bugzilla: 747 ]
+  * Fix assert in outnet_serviced_query_stop.
+  * Updated configure and ltmain.sh.
+  * Fixup of compile fix for pluggable event API from P.Y. Adi Prasaja.
+  * Fixup backend2str for libev.
+  * Fix libev usage of dispatch return value.
+  * No side effects in tolower() call, in case it is a macro.
+  * Fix warnings in ifdef corner case, older or unknown libevent.
+  * Fix ip-transparent for ipv6 on FreeBSD, thanks to Nick Hibma.
+  * Fix ip-transparent for tcp on freebsd.
+  * [bugzilla: 746 ]
+  * Fix unbound sets CD bit on all forwards. If no trust anchors, it'll not 
+    set CD bit when forwarding to another server. If a trust anchor, no CD 
+    bit on the first attempt to a forwarder, but CD bit thereafter on 
+    repeated attempts to get DNSSEC.
+  * Limit number of QNAME minimisation iterations.
+  * Validate QNAME minimised NXDOMAIN responses.
+  * If QNAME minimisation is enabled, do cache lookup for QTYPE NS in 
+    harden-below-nxdomain.
+  * Fix compile of getentropy_linux for SLES11 servicepack 4.
+  * Fix dnstap-log-resolver-response-messages, from Nikolay Edigaryev.
+  * Fix test for openssl to use HMAC_Update for 1.1.0.
+  * ERR_remove_state deprecated since openssl 1.0.0.
+  * OPENSSL_config is deprecated, removing.
+  * Document permit-small-holddown for 5011 debug.
+  * [bugzilla: 749 ]
+  * Fix unbound-checkconf gets SIGSEGV when use against a malformatted
+    conf file.
+  * [bugzilla: 753 ]
+  * Fix document dump_requestlist is for first thread.
+  * Fix some malformed reponses to edns queries get fallback to nonedns.
+  * [bugzilla: 759 ]
+  * Fix 0x20 capsforid no longer checks type PTR, for compatibility with 
+    cisco dns guard. This lowers false positives.
+  * Fix sldns with static checking fixes copied from getdns.
+  * Fix memory leak in out-of-memory conditions of local zone add.
+  * [bugzilla: 761 ]
+  * Fix DNSSEC LAME false positive resolving nic.club.
+  * [bugzilla: 766 ]
+  * Fix dns64 should synthesize results on timeout/errors.
+  * No QNAME minimisation fall-back for NXDOMAIN answers from
+    DNSSEC signed zones.
+  * [bugzilla: 767 ]
+  * Fix Reference to an expired Internet-Draft in harden-below-nxdomain 
+    documentation.
+  * remove memory leak from lame-check patch.
+  * [bugzilla: 770 ]
+  * Fix Small subgroup attack on DH used in unix pipe on localhost if 
+    unbound control uses a unix local named pipe.
+  * Document write permission to directory of trust anchor needed.
+  * [bugzilla: 768 ]
+  * Fix Unbound Service Sometimes Can Not Shutdown Completely, WER Report 
+    Shown Up. Close handle before closing WSA.
+  * Fix time in case answer comes from cache in ub_resolve_event().
+  * Fix windows service to be created run with limited rights, as a network 
+    service account, from Mario Turschmann.
+  * [bugzilla: 752 ]
+  * Fix retry resource temporarily unavailable on control pipe.
+  * iana ports fetched via https.
+  * iana portlist update.
+
 -------------------------------------------------------------------
 Thu Feb 25 10:07:47 UTC 2016 - michael@stroeder.com
 

unbound.spec

@@ -53,7 +53,7 @@
 %endif
 
 Name:           unbound
-Version:        1.5.8
+Version:        1.5.9
 Release:        0
 #
 #