upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- These fixes are part of the 1.19.1 release, that is a security

Browse source 
point release on 1.19.0, the code repository continues with these
  fixes, with version number 1.19.2.
This commit is contained in:
W.C.A. Wijngaards 2024-02-13 14:03:30 +01:00
parent 56a2b564ef
commit be27499d39
3 changed files with 24 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
configure vendored
View file

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.71 for unbound 1.19.1.
# Generated by GNU Autoconf 2.71 for unbound 1.19.2.
#
# Report bugs to <unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues>.
#
@ -622,8 +622,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
PACKAGE_VERSION='1.19.1'
PACKAGE_STRING='unbound 1.19.1'
PACKAGE_VERSION='1.19.2'
PACKAGE_STRING='unbound 1.19.2'
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues'
PACKAGE_URL=''
@ -1507,7 +1507,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures unbound 1.19.1 to adapt to many kinds of systems.
\`configure' configures unbound 1.19.2 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1573,7 +1573,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of unbound 1.19.1:";;
short | recursive ) echo "Configuration of unbound 1.19.2:";;
esac
cat <<\_ACEOF
@ -1820,7 +1820,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
unbound configure 1.19.1
unbound configure 1.19.2
generated by GNU Autoconf 2.71
Copyright (C) 2021 Free Software Foundation, Inc.
@ -2477,7 +2477,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by unbound $as_me 1.19.1, which was
It was created by unbound $as_me 1.19.2, which was
generated by GNU Autoconf 2.71. Invocation command line was
$ $0$ac_configure_args_raw
@ -3241,11 +3241,11 @@ UNBOUND_VERSION_MAJOR=1
UNBOUND_VERSION_MINOR=19
UNBOUND_VERSION_MICRO=1
UNBOUND_VERSION_MICRO=2
LIBUNBOUND_CURRENT=9
LIBUNBOUND_REVISION=24
LIBUNBOUND_REVISION=25
LIBUNBOUND_AGE=1
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@ -3337,6 +3337,7 @@ LIBUNBOUND_AGE=1
# 1.18.0 had 9:22:1
# 1.19.0 had 9:23:1
# 1.19.1 had 9:24:1
# 1.19.2 had 9:25:1
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@ -24144,7 +24145,7 @@ printf "%s\n" "#define MAXSYSLOGMSGLEN 10240" >>confdefs.h
version=1.19.1
version=1.19.2
date=`date +'%b %e, %Y'`
@ -24656,7 +24657,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by unbound $as_me 1.19.1, which was
This file was extended by unbound $as_me 1.19.2, which was
generated by GNU Autoconf 2.71. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -24724,7 +24725,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config='$ac_cs_config_escaped'
ac_cs_version="\\
unbound config.status 1.19.1
unbound config.status 1.19.2
configured by $0, generated by GNU Autoconf 2.71,
with options \\"\$ac_cs_config\\"

5
configure.ac
View file

@ -11,14 +11,14 @@ sinclude(dnscrypt/dnscrypt.m4)
# must be numbers. ac_defun because of later processing
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[19])
m4_define([VERSION_MICRO],[1])
m4_define([VERSION_MICRO],[2])
AC_INIT([unbound],m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]),[unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues],[unbound])
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
LIBUNBOUND_CURRENT=9
LIBUNBOUND_REVISION=24
LIBUNBOUND_REVISION=25
LIBUNBOUND_AGE=1
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@ -110,6 +110,7 @@ LIBUNBOUND_AGE=1
# 1.18.0 had 9:22:1
# 1.19.0 had 9:23:1
# 1.19.1 had 9:24:1
# 1.19.2 had 9:25:1
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary

8
doc/Changelog
View file

@ -1,3 +1,11 @@
13 February 2024: Wouter
- Fix CVE-2023-50387, DNSSEC verification complexity can be exploited
to exhaust CPU resources and stall DNS resolvers.
- Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
- These fixes are part of the 1.19.1 release, that is a security
point release on 1.19.0, the code repository continues with these
fixes, with version number 1.19.2.
8 February 2024: Wouter
- Fix documentation for access-control in the unbound.conf man page.