gthess (Collaborator) commented Nov 3, 2025

Update the internetnl branch to version 1.24.1.
Compiles and Unbound tests pass.
Not tested for internetnl integration.

gthess and others added 30 commits April 11, 2025 15:05
* Fix calling WSAPoll.

* fast_reload: explicitly set tcp_wouldblock on Windows when there is no
  command to read from the fast_reload thread.

* For poll(), also check for ENOMEM (Linux).

* Remove ifdefs for ENOMEM.
* Some systems return EAGAIN for poll.
  compiled with libevent. It makes saturation of the task queue more
  resource intensive and less practical. Thanks to Shiming Liu,
  Network and Information Security Lab, Tsinghua University for the
  report.
  2025. The code repository continues with 1.23.1 in development.
- Merge NLnetLabs#1275: Use macros for the fr_check_changed* functions.
- Auto-configure '-slabs' values to a power of 2 value close to num-threads
  by default for multi-threaded environments.

Co-authored-by: Wouter Wijngaards <[email protected]>
- Merge NLnetLabs#1276: Auto-configure '-slabs' values.
… "name: ."

  in 1.23.0, but worked in 1.22.0.
- Fix NSEC3 code to not break on broken auth zones that include unsigned
  out of zone (above apex) data. Could lead to hang while trying to
  prove a wildcard answer.
  Reported by Dmitrii Kuvaiskii from Amazon Web Services.

- Tests for NSEC3 auth zones with out of zone data.
- Merge NLnetLabs#1280: Fix auth nsec3 code. Fixes NSEC3 code to not break on
  broken auth zones that include unsigned out of zone (above apex)
  data. Could lead to hang while trying to prove a wildcard answer.
…ent bug)

  by adding a log_assert() to safeguard future development.
  issue where the UDP socket send buffers are exhausted waiting
  for ARP/NDP resolution. Thanks to Reflyable for the report.
  Thanks to Jim Greenwood from Nominet for the report.
Introduce reStructuredText man pages to sync the online and source code man page documentation.
The templated man pages (*.in) are still part of the repo but generated with docutils from their .rst counterpart.
Documentation on how to generate those (mainly for core developers) is in README.man.
  Also fixes NLnetLabs#310: unbound-checkconf not reporting RPZ configuration
  error.
wcawijngaards and others added 30 commits August 21, 2025 09:47
  when the command takes no arguments but there are arguments present.
  when the command takes no arguments but there are arguments present.
Changelog note for the fix.
  Wants=network-online.target under [Unit] in unbound.service.
  Thanks to Gal Bar Nahum for exposing the possibility of infinite
  reads on the session.
  unbound/pythonmod/examples/log.py.
  'parse_edns_options_from_query(...)'.
- Document max buffer sizes for Redis commands.
…Yuxiao Wu,

  Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua University.
Unbound 1.24.1

This security release fixes CVE-2025-11411.

Promiscuous NS RRSets that complement DNS replies in the authority
section can be used to trick resolvers to update their delegation
information for the zone.

The CVE is described here
https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt

We would like to thank Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin
Duan from Tsinghua University for discovering and responsibly disclosing
the vulnerability.

Bug Fixes:
- Fix CVE-2025-11411 (possible domain hijacking attack), reported by
  Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua
  University.