From ca845e144747d852e049e6a0832001b08519c0e7 Mon Sep 17 00:00:00 2001 From: Tomas Krizek Date: Jan 23 2018 17:47:59 +0000 Subject: 1.5.3-1: new upstream release --- diff --git a/.gitignore b/.gitignore index cd49150..c7fcc7d 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ /knot-resolver-1.2.5.tar.xz.asc /knot-resolver-1.3.1.tar.xz.asc /knot-resolver-1.3.2.tar.xz.asc +/knot-resolver-1.5.3.tar.xz.asc diff --git a/knot-resolver.spec b/knot-resolver.spec index dc3d10d..cfeff21 100644 --- a/knot-resolver.spec +++ b/knot-resolver.spec @@ -3,8 +3,8 @@ # comment out this define using #%% if it is not a pre-release version # %% define PRERELEASE rc3 Name: knot-resolver -Version: 1.5.0 -Release: %{?PRERELEASE}%{?PRERELEASE:.}2%{?dist} +Version: 1.5.3 +Release: %{?PRERELEASE}%{?PRERELEASE:.}1%{?dist} Summary: Caching full DNS Resolver License: GPLv3 @@ -189,6 +189,56 @@ exit 0 %doc doc/html %changelog +* Tue Jan 23 2018 Tomas Krizek - 1.5.3-1 +- New upstream release 1.5.3 + +Knot Resolver 1.5.3 (2018-01-23) +================================ + +Bugfixes +-------- +- fix the hints module on some systems, e.g. Fedora. + Symptom: `undefined symbol: engine_hint_root_file` + + +Knot Resolver 1.5.2 (2018-01-22) +================================ + +Security +-------- +- fix CVE-2018-1000002: insufficient DNSSEC validation, allowing + attackers to deny existence of some data by forging packets. + Some combinations pointed out in RFC 6840 sections 4.1 and 4.3 + were not taken into account. + +Bugfixes +-------- +- memcached: fix fallout from module rename in 1.5.1 + + +Knot Resolver 1.5.1 (2017-12-12) +================================ + +Incompatible changes +-------------------- +- script supervisor.py was removed, please migrate to a real process manager +- module ketcd was renamed to etcd for consistency +- module kmemcached was renamed to memcached for consistency + +Bugfixes +-------- +- fix SIGPIPE crashes (#271) +- tests: work around out-of-space for platforms with larger memory pages +- lua: fix mistakes in bindings affecting 1.4.0 and 1.5.0 (and 1.99.1-alpha), + potentially causing problems in dns64 and workarounds modules +- predict module: various fixes (!399) + +Improvements +------------ +- add priming module to implement RFC 8109, enabled by default (#220) +- add modules helping with system time problems, enabled by default; + for details see documentation of detect_time_skew and detect_time_jump + * Fri Jan 05 2018 Tomas Krizek - 1.5.0-2 - add doc package - configure tarball signature verification diff --git a/sources b/sources index 8d91a58..c58786e 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (knot-resolver-1.5.0.tar.xz) = 4bc7cc52576ef6c43e89524a7b32bdf9e892c4a16316ade7f0e9ad8c342f3d2f7f1f6f5ce436336608c9951101ecadcab4c20a66dd24a98226df1cf8c14c0dfa -SHA512 (knot-resolver-1.5.0.tar.xz.asc) = 5c96a391ee70d670abcb010a88392e704665f2ae3c27287c95c3bf5b0c3a55417761becb72d352b61ec65d0d73c3ce86181226215fe4748a233ce82cef45ee22 +SHA512 (knot-resolver-1.5.3.tar.xz) = 9d301705ecc01b2c6a2f3084697a789406165c79444fdac96a3d58294f3288ea6d86be7002dff96cfbf597d9e771b8838a875afdfaae29b97eee173c08805c19 +SHA512 (knot-resolver-1.5.3.tar.xz.asc) = 0e266becbdb79fdbd785eaec8362833496f8cb668a5af4871ff5cb462e8b7ac62f9f5ecfb4cb71ac4a6db20aaa0b5ae795b95e33b0a5d38c3f215795f244b262