+3 July 2023: George
+ - Merge #739: Add SVCB dohpath support.
+ - Code cleanup for sldns_str2wire_svcparam_key_lookup.
++ - Merge #802: add validation EDEs to queries where the CD bit is set.
++ - For #802: Cleanup comments and add RCODE check for CD bit test case.
+
+3 July 2023: Wouter
+ - Fix #906: warning: ‘Py_SetProgramName’ is deprecated.
+ - Fix dereference of NULL variable warning in mesh_do_callback.
+
+29 June 2023: George
+ - More fixes for reference counting for python module and clean up
+ failure code.
+ - Merge #827 from rcmcdonald91: Eliminate unnecessary Python reloading
+ which causes memory leaks.
+
+29 June 2023: Wouter
+ - Fix python modules with multiple scripts, by incrementing reference
+ counts.
+
+27 June 2023: George
+ - Merge #892: Add cachedb hit stat. Introduces 'num.query.cachedb' as
+ a new statistical counter.
+ - Remove warning about unknown cast-function-type warning pragma.
+
+22 June 2023: Wouter
+ - Merge #903: contrib: add yocto compatible init script.
+
+15 June 2023: Philip
+ - Fix for issue #887 (Timeouts to forward servers on BSD based
+ system with ASLR)
+ - Probably fixes #516 (Stream reuse does not work on Windows) as well
+
+14 June 2023: George
+ - Properly handle all return values of worker_check_request during
+ early EDE code.
+ - Do not check the incoming request more than once.
+
+12 June 2023: Wouter
+ - Merge #896: Fix: #895: pythonmodule: add all site-packages
+ directories to sys.path.
+ - Fix #895: python + sysconfig gives ANOTHER path comparing to
+ distutils.
+ - Fix for uncertain unit test for doh buffer size events.
+
+25 May 2023: Wouter
+ - Fix unbound-dnstap-socket printout when no query is present.
+ - Fix unbound-dnstap-socket time fraction conversion for printout.
+
+19 May 2023: Wouter
+ - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR.
+ - Fix to remove unused variables from RPZ clientip data structure.
+
+16 May 2023: Wouter
+ - Fix #888: [FR] Use kernel timestamps for dnstap.
+ - Fix to print debug log for ancillary data with correct IP address.
+
+11 May 2023: Wouter
+ - Fix warning in windows compile, in set_recvtimestamp.
+
+4 May 2023: Wouter
+ - Fix #885: Error: util/configlexer.c: No such file or directory,
+ adds error messages explaining to install flex and bison.
+ - Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h.
+ - Fix doxygen in addr_to_nat64 header definition.
+
+1 May 2023: George
+ - Merge #722 from David 'eqvinox' Lamparter: NAT64 support.
+ - For #722: minor fixes, formatting, refactoring.
+
+1 May 2023: Wouter
+ - Fix RPZ IP responses with trigger rpz-drop on cache entries, that
+ they are dropped.
+
+26 April 2023: Philip
+ - Fix issue #860: Bad interaction with 0 TTL records and serve-expired
+
+26 April 2023: Wouter
+ - Merge #882 from vvfedorenko: Features/dropqueuedpackets, with
+ sock-queue-timeout option that drops packets that have been in the
+ socket queue for too long. Added statistics num.queries_timed_out
+ and query.queue_time_us.max that track the socket queue timeouts.
+ - Fix for #882: small changes, date updated in Copyright for
+ util/timeval_func.c and util/timeval_func.h. Man page entries and
+ example entry.
+ - Fix for #882: document variable to stop doxygen warning.
+
+19 April 2023: Wouter
+ - Fix for #878: Invalid IP address in unbound.conf causes Segmentation
+ Fault on OpenBSD.
+
+14 April 2023: Wouter
+ - Merge #875: change obsolete txt URL in unbound-anchor.c to point
+ to RFC 7958, and Fix #874.
+
+13 April 2023: Wouter
+ - Fix build badge, from failing travis link to github ci action link.
+
+6 April 2023: Wouter
+ - Fix for #870: Add test case for the qname minimisation and CNAME.
+
+4 April 2023: Wouter
+ - Fix #870: NXDOMAIN instead of NOERROR rcode when asked for existing
+ CNAME record.
+
+24 March 2023: Philip
+ - Fix issue #676: Unencrypted query is sent when
+ forward-tls-upstream: yes is used without tls-cert-bundle
+ - Extra consistency check to make sure that when TLS is requested,
+ either we set up a TLS connection or we return an error.
+
+21 March 2023: Philip
+ - Fix issue #851: reserved identifier violation
+
+20 March 2023: Wouter
+ - iana portlist update.
+
+17 March 2023: George
+ - Fix #812, fix #846, by using the SSL_OP_IGNORE_UNEXPECTED_EOF option
+ to ignore the unexpected eof while reading in openssl >= 3.
+
+16 March 2023: Wouter
+ - Fix ssl.h include brackets, instead of quotes.
+
+14 March 2023: Wouter
+ - Fix unbound-dnstap-socket test program to reply the finish frame
+ over a TLS connection correctly.
+
+23 February 2023: Wouter
+ - Fix for #852: Completion of error handling.
+
+21 February 2023: Philip
+ - Fix #825: Unexpected behavior with client-subnet-always-forward
+ and serve-expired
+
+10 February 2023: George
+ - Clean up iterator/iterator.c::error_response_cache() and allow for
+ better interaction with serve-expired, prefetch and cached error
+ responses.
+
+9 February 2023: George
+ - Allow TTL refresh of expired error responses.
+ - Add testcase for refreshing expired error responses.
+
+9 February 2023: Wouter
+ - Fix to ignore entirely empty responses, and try at another authority.
+ This turns completely empty responses, a type of noerror/nodata into
+ a servfail, but they do not conform to RFC2308, and the retry can
+ fetch improved content.
+ - Fix unit tests for spurious empty messages.
+ - Fix consistency of unit test without roundrobin answers for the
+ cnametooptout unit test.
+ - Fix to git ignore the library symbol file that configure can create.
+
+8 February 2023: Wouter
+ - Fix #841: Unbound won't build with aaaa-filter-iterator.patch.
+
+30 January 2023: George
+ - Add duration variable for speed_local.test.
+
+26 January 2023: Wouter
+ - Fix acx_nlnetlabs.m4 for -Wstrict-prototypes.
+
+23 January 2023: George
+ - Fix #833: [FR] Ability to set the Redis password.
+
+23 January 2023: Wouter
+ - Fix #835: [FR] Ability to use Redis unix sockets.
+
+20 January 2023: Wouter
+ - Merge #819: Added new static zone type block_a to suppress all A
+ queries for specific zones.
+
+19 January 2023: Wouter
+ - Set max-udp-size default to 1232. This is the same default value as
+ the default value for edns-buffer-size. It restricts client edns
+ buffer size choices, and makes unbound behave similar to other DNS
+ resolvers. The new choice, down from 4096 means it is harder to get
+ large responses from Unbound. Thanks to Xiang Li, from NISL Lab,
+ Tsinghua University.
+ - Add harden-unknown-additional option. It removes
+ unknown records from the authority section and additional section.
+ Thanks to Xiang Li, from NISL Lab, Tsinghua University.
+ - Set default for harden-unknown-additional to no. So that it does
+ not hamper future protocol developments.
+ - Fix test for new default.
+
+18 January 2023: Wouter
+ - Fix not following cleared RD flags potentially enables amplification
+ DDoS attacks, reported by Xiang Li and Wei Xu from NISL Lab,
+ Tsinghua University. The fix stops query loops, by refusing to send
+ RD=0 queries to a forwarder, they still get answered from cache.
+
+13 January 2023: Wouter
+ - Merge #826: Аdd a metric about the maximum number of collisions in
+ lrushah.
+ - Improve documentation for #826, describe the large collisions amount.
+
+9 January 2023: Wouter
+ - Fix python module install path detection.
+ - Fix python version detection in configure.
+
+6 January 2023: Wouter
+ - Fix #823: Response change to NODATA for some ANY queries since
+ 1.12, tested on 1.16.1.
+ - Fix wildcard in hyperlocal zone service degradation, reported
+ by Sergey Kacheev. This fix is included in 1.17.1rc2.
+ That became 1.17.1 on 12 Jan 2023, the code repo continues
+ with 1.17.2. 1.17.1 excludes fix #823, it is included forwards.
+
+5 January 2023: Wouter
+ - Tag for 1.17.1 release.
+
+2 January 2023: Wouter
+ - Fix windows compile for libunbound subprocess reap comm point closes.
+ - Update github workflows to use checkout v3.
+
+14 December 2022: George
+ - Merge #569 from JINMEI Tatuya: add keep-cache option to
+ 'unbound-control reload' to keep caches.
+
+13 December 2022: George
+ - Expose 'statistics-inhibit-zero' as a configuration option; the
+ default value retains Unbound's behavior.
+ - Expose 'max-sent-count' as a configuration option; the
+ default value retains Unbound's behavior.
+ - Merge #461 from Christian Allred: Add max-query-restarts option.
+ Exposes an internal configuration but the default value retains
+ Unbound's behavior.
+
+13 December 2022: Wouter
+ - Merge #808: Wrap Makefile script's directory variables in quotes.
+ - Fix to wrap Makefile scripts directory in quotes for uninstall.
+
1 December 2022: Wouter
- Fix #773: When used with systemd-networkd, unbound does not start
until systemd-networkd-wait-online.service times out.
projects / thirdparty / unbound.git / commitdiff
