[Bug 206347] dns/unbound update to 1.5.7 [PATCH]

Sun Jan 17 22:43:20 UTC 2016

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206347

            Bug ID: 206347
           Summary: dns/unbound update to 1.5.7 [PATCH]
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: sem at FreeBSD.org
          Reporter: jaap at NLnetLabs.nl
                CC: erwin at FreeBSD.org
             Flags: maintainer-feedback?(sem at FreeBSD.org)
          Keywords: patch
          Assignee: sem at FreeBSD.org

Created attachment 165731
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=165731&action=edit
patch to update

Current unbound port is dated (version 1.5.5), current version is 1.5.7.

Some Upgrade Notes:

This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. And it has Windows changes to
make unbound portable possible. For crypto in libunbound there is
libnettle support.

Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the
qname minimisation, and that will both stop privacy sensitive traffic
and reduce nonsense traffic to authority servers. So consider
enabling both. In this implementation IPv6 reverse lookups add
several labels per increment, because otherwise those lookups would be
very slow. [ Reference
https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ]

More details at <http://unbound.net>

-- 
You are receiving this mail because:
You are the assignee for the bug.