obsolete

knot-resolver-2.4.0-1.el7

FEDORA-EPEL-2018-ccbe8e3c4d created by tkrizek 6 years ago for Fedora EPEL 7

Knot Resolver 2.4.0 (2018-07-03)

Incompatible changes

  • minimal libknot version is now 2.6.7 to pull in latest fixes (#366)

Security

  • fix a rare case of zones incorrectly dowgraded to insecure status (!576)

New features

  • TLS session resumption (RFC 5077), both server and client (!585, #105) (disabled when compiling with gnutls < 3.5)
  • TLS_FORWARD policy uses system CA certificate store by default (!568)
  • aggressive caching for NSEC3 zones (!600)
  • optional protection from DNS Rebinding attack (module rebinding, !608)
  • module bogus_log to log DNSSEC bogus queries without verbose logging (!613)

Bugfixes

  • prefill: fix ability to read certificate bundle (!578)
  • avoid turning off qname minimization in some cases, e.g. co.uk. (#339)
  • fix validation of explicit wildcard queries (#274)
  • dns64 module: more properties from the RFC implemented (incl. bug #375)

Improvements

  • systemd: multiple enabled kresd instances can now be started using kresd.target
  • ta_sentinel: switch to version 14 of the RFC draft (!596)
  • support for glibc systems with a non-Linux kernel (!588)
  • support per-request variables for Lua modules (!533)
  • support custom HTTP endpoints for Lua modules (!527)

This update has been submitted for testing by tkrizek.

6 years ago

This update has been pushed to testing.

6 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

6 years ago

This update has been obsoleted by knot-resolver-2.4.1-1.el7.

6 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
1
Stable by Time
disabled
Thresholds
Minimum Karma
+1
Minimum Testing
7 days
Dates
submitted
6 years ago
in testing
6 years ago

Automated Test Results