[Bug 206347] dns/unbound update to 1.5.7 [PATCH]
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Jan 17 22:43:20 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206347
Bug ID: 206347
Summary: dns/unbound update to 1.5.7 [PATCH]
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Keywords: patch
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: sem at FreeBSD.org
Reporter: jaap at NLnetLabs.nl
CC: erwin at FreeBSD.org
Flags: maintainer-feedback?(sem at FreeBSD.org)
Keywords: patch
Assignee: sem at FreeBSD.org
Created attachment 165731
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=165731&action=edit
patch to update
Current unbound port is dated (version 1.5.5), current version is 1.5.7.
Some Upgrade Notes:
This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. And it has Windows changes to
make unbound portable possible. For crypto in libunbound there is
libnettle support.
Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the
qname minimisation, and that will both stop privacy sensitive traffic
and reduce nonsense traffic to authority servers. So consider
enabling both. In this implementation IPv6 reverse lookups add
several labels per increment, because otherwise those lookups would be
very slow. [ Reference
https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ]
More details at <http://unbound.net>
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list