Merge unbound from Debian unstable for 22.04

Bug #1946909 reported by Bryce Harrington
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
unbound (Ubuntu)
Undecided
Athos Ribeiro

Bug Description

Upstream: 1.13.2
Debian: 1.13.1-1
Ubuntu: 1.13.1-1ubuntu1

Debian typically updates unbound every 1-2 months on average, but it was last updated 21.02 and looks overdue. There is a new upstream version, however, so may be worth going ahead of debian and/or updating it in Debian and syncing it.

### New Debian Changes ###

unbound (1.13.1-1) unstable; urgency=medium

  * New upstream version 1.13.1
  * debian/gbp.conf: [import-orig] upstream-signatures = True
  * Drop debian/patches/0002-Fix-358-Squelch-udp-connect-no-route-to-host-
    errors-.patch (included in 1.13.1 release)
  * debian/copyright: 2021

 -- Robert Edmonds <email address hidden> Tue, 09 Feb 2021 17:53:57 -0500

unbound (1.13.0-1) unstable; urgency=medium

  * New upstream version 1.13.0
    - Fix CVE-2020-28935: PID file vulnerability (Closes: #977165)
  * debian/patches/0002-Fix-358-Squelch-udp-connect-no-route-to-host-
    errors-.patch: Cherry-pick upstream commit
    5906811ff19f005110b2edbda5aa144ad5fa05b1 to suppress UDP connect()
    errors on low verbosity

 -- Robert Edmonds <email address hidden> Wed, 23 Dec 2020 19:34:24 -0500

unbound (1.12.0-1) unstable; urgency=medium

  * New upstream version 1.12.0

 -- Robert Edmonds <email address hidden> Mon, 19 Oct 2020 00:35:38 -0400

unbound (1.11.0-1) unstable; urgency=medium

  [ Simon Deziel ]
  * systemd: don't create a PID file
  * debian/package-helper: mount --bind systemd notify socket into chroot
    (Closes: #867187)

  [ Robert Edmonds ]
  * New upstream version 1.11.0
    - Merge PR #241 by Robert Edmonds: contrib/libunbound.pc.in: Do not use
      'Requires:'. (Closes: #958331)
    - Introduce 'include-toplevel:' configuration option.
    - Adds its own implementation of Frame Streams for dnstap support.
  * debian/control: Remove build dependency on libfstrm-dev
  * debian/unbound.conf: Use 'include-toplevel:' instead of 'include:'
    (Closes: #950754)
  * debian/NEWS: Add entry for 1.11.0-1 regarding the change of
    /etc/unbound/unbound.conf to using the 'include-toplevel:' directive
  * debian/patches/: Refresh patches

 -- Robert Edmonds <email address hidden> Sun, 09 Aug 2020 20:57:15 -0400

unbound (1.10.1-1) unstable; urgency=high

  * New upstream version 1.10.1
    - Fix CVE-2020-12662: Unbound can be tricked into amplifying an incoming
      query into a large number of queries directed to a target.
    - Fix CVE-2020-12663: Malformed answers from upstream name servers can be
      used to make Unbound unresponsive.

 -- Robert Edmonds <email address hidden> Tue, 19 May 2020 11:36:53 -0400

unbound (1.10.0-1) unstable; urgency=medium

  [ Robert Edmonds ]
  * New upstream version 1.10.0
  * Drop debian/patches/0002-Allow-use-of-libbsd-functions-with-configure-
    option-.patch (applied upstream)

  [ Stuart Prescott ]
  * Drop Python 2 module package (Closes: #938752)

 -- Robert Edmonds <email address hidden> Sat, 18 Apr 2020 19:29:50 -0400

unbound (1.9.6-2) unstable; urgency=medium

  * debian/unbound.maintscript: Remove obsolete conffile
    /etc/unbound/unbound.conf.d/qname-minimisation.conf (Closes: #950406)

 -- Robert Edmonds <email address hidden> Sat, 01 Feb 2020 14:44:39 -0500

unbound (1.9.6-1) unstable; urgency=medium

  [ Robert Edmonds ]
  * New upstream version 1.9.6 (Closes: #948036)
    - Fixes 'unbound crashes with 'Assertion nread >= 0 failed in
      evmap_io_del_'' (Closes: #930699)
    - Fixes 'unbound: Fails to answer TCP queries due to broken idle-timeout'
      (Closes: #946421)
  * debian/source/options: Remove 'single-debian-patch' option
  * debian/unbound.service: Change ExecReload to send SIGHUP rather than
    using unbound-control (Closes: #923314)
  * Enable remote-control by default (Closes: #923314)
  * Allow use of libbsd functions with configure option --with-libbsd
  * Remove 'qname-minimisation: yes' config file setting, since this is
    now the default (Closes: #915056)
  * debian/package-helper: No longer invoke unbound-anchor for root trust
    anchor update (Closes: #910675)
  * debian/control: Bump Standards-Version to 4.5.0 (no changes)
  * debian/control: Remove build dependencies on autotools-dev, dh-
    autoreconf
  * debian/libunbound8.symbols: Add '* Build-Depends-Package: libunbound-
    dev'

### Old Ubuntu Delta ###

unbound (1.13.1-1ubuntu1) impish; urgency=medium

  * Enable DNS-over-HTTPS support (LP: #1927877)
    - d/control: add Build-Depends on libnghttp2-dev
    - d/rules: compile with libnghttp2

 -- Athos Ribeiro <email address hidden> Thu, 01 Jul 2021 11:16:26 -0300

Changed in unbound (Ubuntu):
assignee: nobody → Athos Ribeiro (athos-ribeiro)
Bryce Harrington (bryce)
description: updated
Revision history for this message
Dominic (triatic) wrote :

Please ensure that whatever happens, Unbound on Ubuntu continues to be compiled with the nghttp2 library. Unbound on Debian is currently not compiled with nghttp2.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers