diff options
Diffstat (limited to 'external/unbound/doc/Changelog')
-rw-r--r-- | external/unbound/doc/Changelog | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/external/unbound/doc/Changelog b/external/unbound/doc/Changelog index 31f84c445..f06654de4 100644 --- a/external/unbound/doc/Changelog +++ b/external/unbound/doc/Changelog @@ -1,3 +1,81 @@ +29 May 2015: Wouter + - Fix that unparseable error responses are ratelimited. + - SOA negative TTL is capped at minimumttl in its rdata section. + - cache-max-negative-ttl config option, default 3600. + +26 May 2015: Wouter + - Document that ratelimit works with unbound-control set_option. + +21 May 2015: Wouter + - iana portlist update. + - documentation proposes ratelimit of 1000 (closer to what upstream + servers expect from us). + +20 May 2015: Wouter + - DLV is going to be decommissioned. Advice to stop using it, and + put text in the example configuration and man page to that effect. + +10 May 2015: Wouter + - Change syntax of particular validator error to be easier for + machine parse, swap rrset and ip adres info so it looks like: + validation failure <www.example.nl. TXT IN>: signature crypto + failed from 2001:DB8:7:bba4::53 for <*.example.nl. NSEC IN> + +1 May 2015: Wouter + - caps-whitelist in unbound.conf allows whitelist of loadbalancers + that cannot work with caps-for-id or its fallback. + +30 April 2015: Wouter + - Unit test for type ANY synthesis. + +22 April 2015: Wouter + - Removed contrib/unbound_unixsock.diff, because it has been + integrated, use control-interface: /path in unbound.conf. + - iana portlist update. + +17 April 2015: Wouter + - Synthesize ANY responses from cache. Does not search exhaustively, + but MX,A,AAAA,SOA,NS also CNAME. + - Fix leaked dns64prefix configuration string. + +16 April 2015: Wouter + - Add local-zone type inform_deny, that logs query and drops answer. + - Ratelimit does not apply to prefetched queries, and ratelimit-factor + is default 10. Repeated normal queries get resolved and with + prefetch stay in the cache. + - Fix bug#664: libunbound python3 related fixes (from Tomas Hozza) + Use print_function also for Python2. + libunbound examples: produce sorted output. + libunbound-Python: libldns is not used anymore. + Fix issue with Python 3 mapping of FILE* using file_py3.i from ldns. + +10 April 2015: Wouter + - unbound-control ratelimit_list lists high rate domains. + - ratelimit feature, ratelimit: 100, or some sensible qps, can be + used to turn it on. It ratelimits recursion effort per zone. + For particular names you can configure exceptions in unbound.conf. + - Fix that get_option for cache-sizes does not print double newline. + - Fix#663: ssl handshake fails when using unix socket because dh size + is too small. + +8 April 2015: Wouter + - Fix crash in dnstap: Do not try to log TCP responses after timeout. + +7 April 2015: Wouter + - Libunbound skips dos-line-endings from etc/hosts. + - Unbound exits with a fatal error when the auto-trust-anchor-file + fails to be writable. This is seconds after startup. You can + load a readonly auto-trust-anchor-file with trust-anchor-file. + The file has to be writable to notice the trust anchor change, + without it, a trust anchor change will be unnoticed and the system + will then become inoperable. + - unbound-control list_insecure command shows the negative trust + anchors currently configured, patch from Jelte Jansen. + +2 April 2015: Wouter + - Fix #660: Fix interface-automatic broken in the presence of + asymmetric routing. + 26 March 2015: Wouter - remote.c probedelay line is easier to read. - rename ldns subdirectory to sldns to avoid name collision. |