Accepting request 640639 from home:stroeder:branches:server:dns

- update to 1.8.1

OBS-URL: https://build.opensuse.org/request/show/640639
OBS-URL: https://build.opensuse.org/package/show/server:dns/unbound?expand=0&rev=86

libunbound-devel-mini.changes

@@ -1,3 +1,65 @@
+-------------------------------------------------------------------
+Mon Oct  8 13:42:15 UTC 2018 - Michael Ströder <michael@stroeder.com>
+
+- update to 1.8.1:
+  Number of bug fixes, a list of features added and some defaults changed.
+
+Features:
+  - Perform TLS SNI indication of the host that is being contacted
+    for DNS over TLS service.  It sets the configured tls auth name.
+    This is useful for hosts that apart from the DNS over TLS services
+    also provide other (web) services.
+Bug Fixes:
+  - More explicitly mention the type of ratelimit when applying
+    ip-ratelimit.
+  - Fix spelling error in header, from getdns commit by Andreas Gelmini.
+  - iana port update.
+  - Fixed unused return value warnings in contrib/fastrpz.patch for
+    asprintf.
+  - Fix to squelch respip warning in unit test, it is printed at
+    higher verbosity settings.
+  - Fix spelling errors.
+  - Fix initialisation in remote.c
+  - Fix seed for random backup code to use explicit zero when wiped.
+  - exit log routine is annotated as noreturn function.
+  - free memory leaks in config strlist and str2list insert functions.
+  - do not move unused argv variable after getopt.
+  - Remove unused if clause in testcode.
+  - in testcode, free async ids, initialise array, and check for null
+    pointer during test of the test.  And use exit for return to note
+    irregular program stop.
+  - Free memory leak in config strlist append.
+  - make sure nsec3 comparison salt is initialized.
+  - unit test has clang analysis.
+  - remove unused variable assignment from iterator scrub routine.
+  - check for null in delegation point during iterator refetch
+    in forward zone.
+  - neater pointer cast in libunbound context quit routine.
+  - initialize statistics totals for printout.
+  - in authzone check that node exists before adding rrset.
+  - in unbound-anchor, use readwrite memory BIO.
+  - assertion in autotrust that packed rrset is formed correctly.
+  - Fix memory leak when message parse fails partway through copy.
+  - remove unused udpsize assignment in message encode.
+  - nicer bio free code in unbound-anchor.
+  - annotate exit functions with noreturn in unbound-control.
+  - Fix compile on Mac for unbound, provide explicit_bzero when libc
+    does not have it.
+  - Fix unbound for openssl in FIPS mode, it uses the digests with
+    the EVP call contexts.
+  - Fix that with harden-below-nxdomain and qname minisation enabled
+    some iterator states for nonresponsive domains can get into a
+    state where they waited for an empty list.
+  - Stop UDP to TCP failover after timeouts that causes the ping count
+    to be reset by the TCP time measurement (that exists for TLS),
+    because that causes the UDP part to not be measured as timeout.
+  - Fix #4156: Fix systemd service manager state change notification.
+  - Fix #4149: Add SSL cleanup for tcp timeout.
+  - Fix #4188: IPv6 forwarders without ipv6 result in SERVFAIL, fixes
+    qname minimisation with a forwarder when connectivity has issues
+    from rejecting responses.
+  - fastrpz.patch fixed.
+
 -------------------------------------------------------------------
 Thu Sep 17 17:00:00 UTC 2018 - michael@stroeder.com
 

libunbound-devel-mini.spec

@@ -24,7 +24,7 @@
 
 #
 Name:           libunbound-devel-mini
-Version:        1.8.0
+Version:        1.8.1
 Release:        0
 #
 #

unbound-1.8.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:78f79d6d3b643fdcd74a14fc76542250da886c82f82bc55b51e189663d61b83f
-size 5609213

unbound-1.8.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c362b3b9c35d1b8c1918da02cdd5528d729206c14c767add89ae95acae363c5d
+size 5610191

unbound.changes

@@ -1,3 +1,65 @@
+-------------------------------------------------------------------
+Mon Oct  8 13:42:15 UTC 2018 - Michael Ströder <michael@stroeder.com>
+
+- update to 1.8.1:
+  Number of bug fixes, a list of features added and some defaults changed.
+
+Features:
+  - Perform TLS SNI indication of the host that is being contacted
+    for DNS over TLS service.  It sets the configured tls auth name.
+    This is useful for hosts that apart from the DNS over TLS services
+    also provide other (web) services.
+Bug Fixes:
+  - More explicitly mention the type of ratelimit when applying
+    ip-ratelimit.
+  - Fix spelling error in header, from getdns commit by Andreas Gelmini.
+  - iana port update.
+  - Fixed unused return value warnings in contrib/fastrpz.patch for
+    asprintf.
+  - Fix to squelch respip warning in unit test, it is printed at
+    higher verbosity settings.
+  - Fix spelling errors.
+  - Fix initialisation in remote.c
+  - Fix seed for random backup code to use explicit zero when wiped.
+  - exit log routine is annotated as noreturn function.
+  - free memory leaks in config strlist and str2list insert functions.
+  - do not move unused argv variable after getopt.
+  - Remove unused if clause in testcode.
+  - in testcode, free async ids, initialise array, and check for null
+    pointer during test of the test.  And use exit for return to note
+    irregular program stop.
+  - Free memory leak in config strlist append.
+  - make sure nsec3 comparison salt is initialized.
+  - unit test has clang analysis.
+  - remove unused variable assignment from iterator scrub routine.
+  - check for null in delegation point during iterator refetch
+    in forward zone.
+  - neater pointer cast in libunbound context quit routine.
+  - initialize statistics totals for printout.
+  - in authzone check that node exists before adding rrset.
+  - in unbound-anchor, use readwrite memory BIO.
+  - assertion in autotrust that packed rrset is formed correctly.
+  - Fix memory leak when message parse fails partway through copy.
+  - remove unused udpsize assignment in message encode.
+  - nicer bio free code in unbound-anchor.
+  - annotate exit functions with noreturn in unbound-control.
+  - Fix compile on Mac for unbound, provide explicit_bzero when libc
+    does not have it.
+  - Fix unbound for openssl in FIPS mode, it uses the digests with
+    the EVP call contexts.
+  - Fix that with harden-below-nxdomain and qname minisation enabled
+    some iterator states for nonresponsive domains can get into a
+    state where they waited for an empty list.
+  - Stop UDP to TCP failover after timeouts that causes the ping count
+    to be reset by the TCP time measurement (that exists for TLS),
+    because that causes the UDP part to not be measured as timeout.
+  - Fix #4156: Fix systemd service manager state change notification.
+  - Fix #4149: Add SSL cleanup for tcp timeout.
+  - Fix #4188: IPv6 forwarders without ipv6 result in SERVFAIL, fixes
+    qname minimisation with a forwarder when connectivity has issues
+    from rejecting responses.
+  - fastrpz.patch fixed.
+
 -------------------------------------------------------------------
 Thu Sep 17 17:00:00 UTC 2018 - michael@stroeder.com
 

unbound.spec

@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -58,7 +58,7 @@
 %endif
 
 Name:           unbound
-Version:        1.8.0
+Version:        1.8.1
 Release:        0
 #
 #