From 61ce99b18f11248b35b183e2804b9ef0e561d750d87a67b2a8b721909d46bbfa Mon Sep 17 00:00:00 2001
From: Marcus Rueckert <mrueckert@suse.com>
Date: Mon, 1 Aug 2022 14:08:30 +0000
Subject: [PATCH] Accepting request 992035 from home:stroeder:network

Update to 1.16.2 which fixes the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.

OBS-URL: https://build.opensuse.org/request/show/992035
OBS-URL: https://build.opensuse.org/package/show/server:dns/unbound?expand=0&rev=151
---
 libunbound-devel-mini.changes | 24 ++++++++++++++++++++++++
 libunbound-devel-mini.spec    |  2 +-
 unbound-1.16.1.tar.gz         |  3 ---
 unbound-1.16.2.tar.gz         |  3 +++
 unbound.changes               | 24 ++++++++++++++++++++++++
 unbound.spec                  |  2 +-
 6 files changed, 53 insertions(+), 5 deletions(-)
 delete mode 100644 unbound-1.16.1.tar.gz
 create mode 100644 unbound-1.16.2.tar.gz

diff --git a/libunbound-devel-mini.changes b/libunbound-devel-mini.changes
index 2ce65fe..c588186 100644
--- a/libunbound-devel-mini.changes
+++ b/libunbound-devel-mini.changes
@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Mon Aug  1 13:05:10 UTC 2022 - Michael Ströder <michael@stroeder.com>
+
+- update to 1.16.2
+  * Features
+    - Merge #718: Introduce infra-cache-max-rtt option to config max
+      retransmit timeout.
+  * Bug Fixes
+    - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
+    - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for
+      one loop pass'.
+    - Merge PR #668 from Cristian Rodríguez: Set IP_BIND_ADDRESS_NO_PORT on
+      outbound tcp sockets.
+    - Fix verbose EDE error printout.
+    - Fix dname count in sldns parse type descriptor for SVCB and HTTPS.
+    - For windows crosscompile, fix setting the IPV6_MTU socket option
+      equivalent (IPV6_USER_MTU); allows cross compiling with latest
+      cross-compiler versions.
+    - Merge PR 714: Avoid treat normal hosts as unresponsive servers.
+      And fixup the lock code.
+    - iana portlist update.
+    - Update documentation for 'outbound-msg-retry:'.
+    - Tests for ghost domain fixes.
+
 -------------------------------------------------------------------
 Mon Jul 11 10:03:06 UTC 2022 - Michael Ströder <michael@stroeder.com>
 
diff --git a/libunbound-devel-mini.spec b/libunbound-devel-mini.spec
index 7ec16e6..abaf384 100644
--- a/libunbound-devel-mini.spec
+++ b/libunbound-devel-mini.spec
@@ -22,7 +22,7 @@
 %bcond_without hardened_build
 #
 Name:           libunbound-devel-mini
-Version:        1.16.1
+Version:        1.16.2
 Release:        0
 Summary:        Just a devel package for build loops
 License:        BSD-3-Clause
diff --git a/unbound-1.16.1.tar.gz b/unbound-1.16.1.tar.gz
deleted file mode 100644
index db627f6..0000000
--- a/unbound-1.16.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2fe4762abccd564a0738d5d502f57ead273e681e92d50d7fba32d11103174e9a
-size 6201745
diff --git a/unbound-1.16.2.tar.gz b/unbound-1.16.2.tar.gz
new file mode 100644
index 0000000..9c728fe
--- /dev/null
+++ b/unbound-1.16.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2e32f283820c24c51ca1dd8afecfdb747c7385a137abe865c99db4b257403581
+size 6204297
diff --git a/unbound.changes b/unbound.changes
index 0e85636..0d3813b 100644
--- a/unbound.changes
+++ b/unbound.changes
@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Mon Aug  1 13:05:10 UTC 2022 - Michael Ströder <michael@stroeder.com>
+
+- update to 1.16.2
+  * Features
+    - Merge #718: Introduce infra-cache-max-rtt option to config max
+      retransmit timeout.
+  * Bug Fixes
+    - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
+    - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for
+      one loop pass'.
+    - Merge PR #668 from Cristian Rodríguez: Set IP_BIND_ADDRESS_NO_PORT on
+      outbound tcp sockets.
+    - Fix verbose EDE error printout.
+    - Fix dname count in sldns parse type descriptor for SVCB and HTTPS.
+    - For windows crosscompile, fix setting the IPV6_MTU socket option
+      equivalent (IPV6_USER_MTU); allows cross compiling with latest
+      cross-compiler versions.
+    - Merge PR 714: Avoid treat normal hosts as unresponsive servers.
+      And fixup the lock code.
+    - iana portlist update.
+    - Update documentation for 'outbound-msg-retry:'.
+    - Tests for ghost domain fixes.
+
 -------------------------------------------------------------------
 Mon Jul 11 10:03:06 UTC 2022 - Michael Ströder <michael@stroeder.com>
 
diff --git a/unbound.spec b/unbound.spec
index 1e5343a..11c7fa9 100644
--- a/unbound.spec
+++ b/unbound.spec
@@ -33,7 +33,7 @@
 %define piddir /run
 
 Name:           unbound
-Version:        1.16.1
+Version:        1.16.2
 Release:        0
 BuildRequires:  flex
 BuildRequires:  ldns-devel >= %{ldns_version}