2011年3月29日

[installer 2738] unbound-1.4.9

unbound-1.4.9 出ています。

☆ unbound-1.4.9
http://unbound.net/
http://unbound.net/downloads/unbound-1.4.9.tar.gz

http://www.unbound.net/download.html より:

Unbound 1.4.9
Download: unbound-1.4.9.tar.gz
SHA1 checksum: f2ac7b4ef1d1b330e2dd5e2eedeb6fd2bbad8478
SHA256 checksum: da0b989fe8cf10e43481343873eaedf60bef63be473c86d73d0254b79c5916b7
Date: 24 March, 2011

Bug Fixes

o Added explicit note on unbound-anchor usage: Please note usage of
unbound-anchor root anchor is at your own risk and under the terms
of our LICENSE (see that file in the source).
o Fix remove private address does not throw away entire response.
o [bugzilla: 361 ]
Fix, time.elapsed variable not reset with stats_noreset.
o Fix no ADflag for NXDOMAIN in NSEC3 optout. And wildcard in optout.
o give config parse error for multiple names on a stub or forward
zone.
o updated ldns tarball to 1.6.9(snapshot).
o iana portlist updated.


Older versions
Unbound 1.4.8
Download: unbound-1.4.8.tar.gz
SHA1 checksum: 557a9c10de9a83f88cd7c66d44488f1cb65de4fa
SHA256 checksum: 5bf4060d2e778a1268498f4937583726d1d36909d7f40900ee31a722a64d506f
Date: 24 January, 2011

Features

o harden-below-nxdomain config option, default off (because very old
software may be incompatible). We could enable it by default in the
future. From draft-vixie-dnsext-resimprove-00.
o typetransparent localzone: does not block other RR types.
o so-sndbuf option for very busy servers, a bit like so-rcvbuf.

Bug Fixes

o Fix so a changed NS RRset does not get moved name stuck on old
server, for type NS the TTL is not increased.
o Fix prefetch so it does not get stuck on old server for moved names.
o Fix insecure CNAME sequence marked as secure, reported by Bert
Hubert.
o faster lruhash get_mem routine.
o [bugzilla: 346 ]
remove ITAR scripts from contrib, the service is discontinued, use
the root.
o Fix in infra cache that could cause rto larger than TOP_TIMEOUT
kept.
o algorithm compromise protection using the algorithms signalled in
the DS record. Also, trust anchors, DLV, and RFC5011 receive this,
and thus, if you have multiple algorithms in your trust-anchor-file
then it will now behave different than before. Also, 5011 rollover
for algorithms needs to be double-signature until the old algorithm
is revoked.
o squelch 'tcp connect: bla' in logfile, (set verbosity 2 to see them)
o fix validation in this case: CNAME to nodata for co-hosted opt-in
NSEC3 insecure delegation, was bogus, fixed to be insecure.
o Fix our 'BDS' license (typo reported by Xavier Belanger).
o [bugzilla: 338 ]
print address when socket creation fails.
o Fix storage of EDNS failures in the infra cache.
o silence 'tcp connect: broken pipe' and 'net down' at low verbosity.
o unbound-anchor compiles with openssl 0.9.7.
o Be lenient and accept imgw.pl malformed packet (like BIND).
o the included ldns tarball is updated (to 1.6.8)
o iana portlist updated.

----
こがよういちろう


投稿者 xml-rpc : 2011年3月29日 13:06
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/102845
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。