From nobody Fri Aug 05 12:01:32 2022 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Lzkhs11Cbz4Xm9w for ; Fri, 5 Aug 2022 12:01:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Lzkhr5bGBz46JV for ; Fri, 5 Aug 2022 12:01:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Lzkhr4g5Szt6D for ; Fri, 5 Aug 2022 12:01:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 275C1W4O025161 for ; Fri, 5 Aug 2022 12:01:32 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 275C1WFh025160 for ports-bugs@FreeBSD.org; Fri, 5 Aug 2022 12:01:32 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 265645] dns/unbound: Update to 1.16.2 Date: Fri, 05 Aug 2022 12:01:32 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1659700892; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=S4OgWByn9V+YT5QhWc80Pn4luNXG/TmRPQGTDxCi9OY=; b=JdsKcfJuMoF44XRUl7nE6g7656DfO3lPfVuGKY57XGhKwayYLIQ/mal6H4MDjZ9FR9Gu6f f+PY49b8WTfTts20F0rsbbu0aMTZZh+rVGIrU8cPwzh7pNjj4wgAMenuy7YeOrjG7/0egz PIrYANcpM+na8kG43FuZL31NAckCpOj3R0NgEDrlzSEjAX6khgv/kbNn0IYdoRyNTjizx8 ZpPDIRLtV4ejmdJ/GOmZwBoKeWqLNwXapPankgCY5tX4C6dsk0SWQ6OqDb4oE9HxV5JtM6 ujMJksJsJM03g0XtPOtPDAz1hjdKjOz00VMrwkKlKjh3IT26I+tFA2uCiSe93g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1659700892; a=rsa-sha256; cv=none; b=niRa0rWdsp6Iy1Modl37OLBNW7t9kklqvIWNYnMUM+hg/NqgecE1LEhgDEjkleiaVUhIPe kyhbSAJMCAbI/jmlx78bEzcdUOD6hDhiPZ1uxj1XR9/kg42/ZGpft4PcyCQpGLCIEV4TMB NysAHc4RFQ6mPBls2JJLwIT6EddleP1i2PSKSpbEtCCu7rtGbbNA6kKX6JLKNDi7h8nmtm VQMjrmDyyg4DVtg+oxTG7ljedwrdsHi8aj3W+zKy/4uX8gkxOMoyX3tU46LP17TfRIjeNO CPcRLXfDP37K0we9kGZ4zhCTh6UOxWQ2v/jHDLffaXiEsD4vqM7l9HPDzYE8Jg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D265645 Bug ID: 265645 Summary: dns/unbound: Update to 1.16.2 Product: Ports & Packages Version: Latest Hardware: Any URL: https://www.nlnetlabs.nl/news/2022/Aug/01/unbound-1.16 .2-released/ OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: jaap@NLnetLabs.nl Attachment #235691 maintainer-approval+ Flags: Created attachment 235691 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D235691&action= =3Dedit patch to update This release fixes the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699. They were reported by Xiang Li from the Network and Information Security Lab of Tsinghua University. Other than that there are some bug fixes, and an option to configure the max retransmit timeout, infra-cache-max-rtt. If left at default it does not make any change. Because it is a security fix point release, there is no RC1 release candidate. Features - Merge #718: Introduce infra-cache-max-rtt option to config max retransmit timeout. Bug Fixes - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699. - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for one loop pass'. - Merge PR #668 from Cristian Rodr=C3=ADguez: Set IP_BIND_ADDRESS_NO_PORT on outbound tcp sockets. - Fix verbose EDE error printout. - Fix dname count in sldns parse type descriptor for SVCB and HTTPS. - For windows crosscompile, fix setting the IPV6_MTU socket option equivalent (IPV6_USER_MTU); allows cross compiling with latest cross-compiler versions. - Merge PR 714: Avoid treat normal hosts as unresponsive servers. And fixup the lock code. - iana portlist update. - Update documentation for 'outbound-msg-retry:'. - Tests for ghost domain fixes. --=20 You are receiving this mail because: You are the assignee for the bug.=