Thu, 25 Apr 2024 07:48:13 UTC | login

Information for build unbound-1.5.1-1.el6

ID9705
Package Nameunbound
Version1.5.1
Release1.el6
Epoch
SummaryValidating, recursive, and caching DNS(SEC) resolver
DescriptionUnbound is a validating, recursive, and caching DNS(SEC) resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular components, so that also DNSSEC (secure DNS) validation and stub-resolvers (that do not run as a server, but are linked into an application) are easily possible.
Built byarrfab
State complete
Volume DEFAULT
StartedThu, 25 Feb 2016 07:48:30 UTC
CompletedThu, 25 Feb 2016 07:51:38 UTC
Taskbuild (infrastructure6-el6, unbound-1.5.1-1.el6.src.rpm)
Tags
infrastructure6-testing
RPMs
src
unbound-1.5.1-1.el6.src.rpm (info) (download)
i686
unbound-1.5.1-1.el6.i686.rpm (info) (download)
unbound-devel-1.5.1-1.el6.i686.rpm (info) (download)
unbound-libs-1.5.1-1.el6.i686.rpm (info) (download)
unbound-python-1.5.1-1.el6.i686.rpm (info) (download)
unbound-debuginfo-1.5.1-1.el6.i686.rpm (info) (download)
noarch
unbound-munin-1.5.1-1.el6.noarch.rpm (info) (download)
x86_64
unbound-1.5.1-1.el6.x86_64.rpm (info) (download)
unbound-devel-1.5.1-1.el6.x86_64.rpm (info) (download)
unbound-libs-1.5.1-1.el6.x86_64.rpm (info) (download)
unbound-python-1.5.1-1.el6.x86_64.rpm (info) (download)
unbound-debuginfo-1.5.1-1.el6.x86_64.rpm (info) (download)
Logs
i686
root.log
build.log
state.log
x86_64
root.log
build.log
state.log
Changelog * Mon Feb 09 2015 Paul Wouters <pwouters@redhat.com> - 1.5.1-1 - Updated to 1.5.1 for CVE-2014-8602 (rhbz#1172067) - Enable ECDSA (but not GOST) - ldns is no longer a used by unbound - Pull in getauxval test for older libc * Thu Sep 04 2014 Paul Wouters <pwouters@redhat.com> - 1.4.22-1 - Updated to 1.4.22 - Ensure scriptlets return 0 (rhbz#1049227) * Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1 - Updated to 1.4.21, - Enabled new max-udp-size: 3072 (so ANY isc.org won't fit) - Removed patch merged in by upstream - Enable statistics-cumulative for munin-plugin - Updated unbound.conf * Fri Apr 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-2 - Fix for the runuser command in post (rhbz#953337) - Enable round-robin in unbound.conf (and patch for ntohs) - Enable minimum-response in unbound.conf - Switch unbound.conf to use /var/lib/unbound/root.anchor * Tue Apr 16 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-1 - Updated to 1.4.20 - Build with full RELRO / pie - link unbound-control-setup.8 manpage to unbound-control.8 (Adam) - Allow for non-default config location in init script (Ville) - Use install -p to prevent .rpmnew files that are identical to originals - Move root.anchor to /var/lib/unbound to make selinux policy easier for updating (rhbz#896599/rhbz#891008) - Move cronjob for root.anchor from unbound to unbound-libs, require crontabs - /etc/unbound (and all) should be owned by unbound-libs (rhbz#909691) - Ensure any unbound-anchor failure in post is ignored * Fri Dec 21 2012 Paul Wouters <pwouters@redhat.com> - 1.4.19-1 - Updated to 1.4.19 - this integrates all existing patches - Patch for unbound-anchor (rhbz#888759) * Wed Nov 14 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-5 - Patch to allow wildcards in include: statements - Patch to ensure stub-zone's aren't lost when reconfiguring forwarder * Sat Nov 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-4 - Patch to allow wildcards in include: statements - Add directories /etc/unbound/keys.d,conf.d,local.d with example entries - Added /etc/unbound/root.anchor, maintained by unbound-anchor which is installed as monthly cron and called by initscript (root.key is unused, but left installed in case people depend on it) - /etc/sysconfig/unbound support - Run unbound-checkconf in initscript - Moved trust anchor related files to unbound-libs, as they can be used without the daemon. - unbound-anchor moved to unbound-libs package. It is needed to update the root.anchor key file. * Thu Sep 06 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-3 - Fix openssl thread locking bug under high query load * Thu Aug 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-2 - Updated unbound.conf with comments for added options - Workaround for rhbz#489278 * Thu Aug 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-1 - Updated to 1.4.18 - Removed merged in patch - Added comment in root.key - Add proper links to man pages - Split man pages in proper unbound/unbound-devel package - Added --disable-ecdsa since it requires ECC which is not available * Wed Feb 29 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-2 - Since the daemon links to the libs staticly, add Requires: (this is rhbz#745288) - Package up streamtcp as unbound-streamtcp (for monitoring) - Patch r2634 applied to squelch tcp errors per default * Sat Feb 04 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-1 - Upgraded to 1.4.16, which was relesed due to the soname bug in 1.4.15 - Updated unbound.conf to show how to configure listening on tls443 - Fixes some NSEC3 related DNSSEC validation errors * Mon Dec 19 2011 Paul Wouters <paul@cypherpunks.ca> - 1.4.14-1 - Upgraded to 1.4.14 for CVE-2011-4528 / VU#209659 - SSL-wrapped query support for dnssec-trigger - EDNS handling changes - Removed integrated EDNS patches - Disabled use-caps-for-id, GoDaddy domains now break on it - Enabled new harden-below-nxdomain * Thu Sep 15 2011 Paul Wouters <paul@xelerance.com> - 1.4.13-1 - Upgraded to 1.4.13 - Added root key for DNSSEC - Removed merged in pythonmod patch - Added EDNS1480 patch to fix unbound on broken EDNS/UDP networks - Enabled python module - No longer enable --enable-debug as it causes degraded performance under load. - Updated stock unbound.conf for new options introduced - Added ghost for /var/run/unbound (bz#656710) * Wed May 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.4-3 - Applied patch for CVE-2011-1922 DoS vulnerability * Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-1 - Upgraded to 1.4.4 with svn patches - Obsolete dnssec-conf to ensure it is de-installed * Fri Apr 02 2010 Paul Wouters <paul@xelerance.com> - 1.4.3-2 - Updated unbound.conf with new options - Enabled pre-fetching DNSKEY records (DNSSEC speedup) - Enabled re-fetching popular records before they expire - Enabled logging of DNSSEC validation errors * Fri Apr 02 2010 Paul Wouters <paul@xelerance.com> - 1.4.3-1 - Upgrade to 1.4.3 - Added swig dependancy for python module - Overriding -D_GNU_SOURCE is no longer needed. This fixes DSO issues with pthreads * Thu Feb 18 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-2 - Removed dependancy for dnssec-conf - Added ISC DLV key (formerly in dnssec-conf) - Fixup old DLV locations in unbound.conf file via %post - Fix parent child disagreement handling and no-ipv6 present [svn r1953] * Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-2 - Security update to 1.3.4 fixes NSEC3 processing * Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.3.3-2 - rebuilt with new openssl * Mon Aug 17 2009 Paul Wouters <paul@xelerance.com> - 1.3.3-1 - Updated to 1.3.3 * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-2 - Added missing glob patch to cvs - Place python macros within the %with_python check * Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-1 - Updated to 1.3.0 - Added unbound-python sub package. disabled for now - Patch from svn to fix DLV lookups - Patches from svn to detect wrong truncated response from BIND 9.6.1 with minimal-responses) - Added Default-Start and Default-Stop to unbound.init - Re-enabled --enable-sha2 - Re-enabled glob.patch * Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-7 - unbound-iterator.patch was not commited * Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-6 - Fix for https://bugzilla.redhat.com/show_bug.cgi?id=499793 * Tue Mar 17 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-5 - Use --nocheck to avoid giving an error on missing unbound-remote certs/keys * Tue Mar 10 2009 Adam Tkac <atkac redhat com> - 1.2.1-4 - enable DNSSEC only if it is enabled in sysconfig/dnssec * Mon Mar 09 2009 Adam Tkac <atkac redhat com> - 1.2.1-3 - add DNSSEC support to initscript and enabled it per default - add requires dnssec-conf * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Tue Feb 10 2009 Paul Wouters <paul@xelerance.com - 1.2.1-1 - updated to 1.2.1 * Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.0-2 - rebuild with new openssl * Wed Jan 14 2009 Paul Wouters <paul@xelerance.com - 1.2.0-1 - Updated to 1.2.0 - Added dependancy on minimum SSL for CVE-2008-5077 - Added dependancy on bc for unbound-munin - Added minimum requirement of libevent 1.4.5. Crashes with older versions (note: libevent is stale in EL-4 and not in EL-5, needs fixing there) - Removed dependancy on selinux-policy (will get used when available) - Enable options as per draft-wijngaards-dnsext-resolver-side-mitigation-00.txt - Enable unwanted-reply-threshold to mitigate against a Kaminsky attack - Enable val-clean-additional to drop addition unsigned data from signed response. - Removed patches (got merged into upstream) * Mon Jan 05 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-7 - Modified scandir patch to silently fail when wildcard matches nothing - Patch to allow unbound-checkconf to find empty wildcard matches * Mon Jan 05 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-6 - Added scandir patch for trusted-keys-file: option, which is used to load multiple dnssec keys in bind file format * Mon Dec 08 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-4 - Added Requires: for selinux-policy >= 3.5.13-33 for proper SElinux rules. * Mon Dec 01 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-3 - We did not own the /etc/unbound directory (#474020) - Fixed cvs anomalies * Fri Nov 28 2008 Adam Tkac <atkac redhat com> - 1.1.1-2 - removed all obsolete chroot related stuff - label control certs after generation correctly * Thu Nov 20 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-1 - Updated to unbound 1.1.1 which fixes a crasher and addresses nlnetlabs bug #219 * Wed Nov 19 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-3 - Remove the chroot, obsoleted by SElinux - Add additional munin plugin links supported by unbound plugin - Move configuration directory from /var/lib/unbound to /etc/unbound - Modified unbound.init and unbound.conf to account for chroot changes - Updated unbound.conf with new available options - Enabled dns-0x20 protection per default * Wed Nov 19 2008 Adam Tkac <atkac redhat com> - 1.1.0-2 - unbound-1.1.0-log_open.patch - make sure log is opened before chroot call - tracked as http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=219 - removed /dev/log and /var/run/unbound and /etc/resolv.conf from chroot, not needed - don't mount files in chroot, it causes problems during updates - fixed typo in default config file * Fri Nov 14 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-1 - Updated to version 1.1.0 - Updated unbound.conf's statistics options and remote-control to work properly for munin - Added unbound-munin package - Generate unbound remote-control key/certs on first startup - Required ldns is now 1.4.0 * Wed Oct 22 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-5 - Only call ldconfig in -libs package - Move configure into build section - devel subpackage should only depend on libs subpackage * Tue Oct 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-4 - Fix CFLAGS getting lost in build - Don't enable interface-automatic:yes because that causes unbound to listen on 0.0.0.0 instead of 127.0.0.1 * Sun Oct 19 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-3 - Split off unbound-libs, make build verbose * Thu Oct 09 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-2 - FSB compliance, chroot fixes, initscript fixes * Thu Sep 11 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-1 - Upgraded to 1.0.2 * Wed Jul 16 2008 Paul Wouters <paul@xelerance.com> - 1.0.1-1 - upgraded to new release * Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-2 - Build against ldns-1.3.0 * Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-1 - Split of -devel package, fixed dependancies, make rpmlint happy * Fri Apr 25 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.12 - Using parts from ports collection entry by Jaap Akkerhuis. - Using Fedoraproject wiki guidelines. * Wed Apr 23 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.11 - Initial version.