5f4e7f
%{?!with_python:      %global with_python      1}
5f4e7f
%{?!with_munin:       %global with_munin       0}
5f4e7f
%{?!with_test:        %global with_test        1}
5f4e7f
5f4e7f
%if %{with_python}
5f4e7f
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
5f4e7f
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
5f4e7f
%endif
5f4e7f
5f4e7f
%global _hardened_build 1
5f4e7f
5f4e7f
Summary: Validating, recursive, and caching DNS(SEC) resolver
5f4e7f
Name: unbound
5f4e7f
Version: 1.6.6
5f4e7f
Release: 1%{?dist}
5f4e7f
License: BSD
5f4e7f
Url: https://unbound.net/
5f4e7f
Source: https://www.unbound.net/downloads/%{name}-%{version}.tar.gz
5f4e7f
Source1: unbound.service
5f4e7f
Source2: unbound.conf
5f4e7f
Source3: unbound.munin
5f4e7f
Source4: unbound_munin_
5f4e7f
Source5: root.key
5f4e7f
Source6: dlv.isc.org.key
5f4e7f
Source7: unbound-keygen.service
5f4e7f
Source8: tmpfiles-unbound.conf
5f4e7f
Source9: example.com.key
5f4e7f
Source10: example.com.conf
5f4e7f
Source11: block-example.com.conf
5f4e7f
Source12: https://data.iana.org/root-anchors/icannbundle.pem
5f4e7f
Source13: root.anchor
5f4e7f
Source14: unbound.sysconfig
5f4e7f
Source15: unbound-anchor.timer
5f4e7f
Source16: unbound-munin.README
5f4e7f
Source17: unbound-anchor.service
5f4e7f
5f4e7f
Patch1: unbound-1.6.3-longcheck-fixup.patch
5f4e7f
Patch3: unbound-1.6.3-print-test-fails.patch
5f4e7f
Patch4: unbound-1.6.3-coverity.patch
5f4e7f
# Randomize outgoing port too, do not fail on two running builds on one host
5f4e7f
Patch5: unbound-1.6.6-test-fwd_oneport.patch
5f4e7f
Group: System Environment/Daemons
5f4e7f
BuildRequires: openssl-devel
5f4e7f
%if %{with_test}
5f4e7f
# needed for the test suite
5f4e7f
BuildRequires: bind-utils
5f4e7f
BuildRequires: ldns
5f4e7f
BuildRequires: vim-common nmap-ncat
5f4e7f
%endif
5f4e7f
# needed to regenerate configparser
5f4e7f
BuildRequires: flex, byacc
5f4e7f
BuildRequires: libevent-devel expat-devel
5f4e7f
BuildRequires: pkgconfig
5f4e7f
%if %{with_python}
5f4e7f
BuildRequires:  python-devel swig
5f4e7f
%endif
5f4e7f
BuildRequires: systemd-units
5f4e7f
# Required for SVN versions
5f4e7f
# BuildRequires: bison
5f4e7f
5f4e7f
Requires(post): systemd
5f4e7f
Requires(preun): systemd
5f4e7f
Requires(postun): systemd
5f4e7f
Requires(pre): shadow-utils
5f4e7f
# Needed because /usr/sbin/unbound links unbound libs staticly
5f4e7f
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
5f4e7f
5f4e7f
%description
5f4e7f
Unbound is a validating, recursive, and caching DNS(SEC) resolver.
5f4e7f
5f4e7f
The C implementation of Unbound is developed and maintained by NLnet
5f4e7f
Labs. It is based on ideas and algorithms taken from a java prototype
5f4e7f
developed by Verisign labs, Nominet, Kirei and ep.net.
5f4e7f
5f4e7f
Unbound is designed as a set of modular components, so that also
5f4e7f
DNSSEC (secure DNS) validation and stub-resolvers (that do not run
5f4e7f
as a server, but are linked into an application) are easily possible.
5f4e7f
5f4e7f
%if %{with_munin}
5f4e7f
%package munin
5f4e7f
Summary: Plugin for the munin / munin-node monitoring package
5f4e7f
Group:     System Environment/Daemons
5f4e7f
Requires: munin-node
5f4e7f
Requires: %{name} = %{version}-%{release}, bc
5f4e7f
BuildArch: noarch
5f4e7f
5f4e7f
%description munin
5f4e7f
Plugin for the munin / munin-node monitoring package
5f4e7f
%endif
5f4e7f
5f4e7f
%package devel
5f4e7f
Summary: Development package that includes the unbound header files
5f4e7f
Group: Development/Libraries
5f4e7f
Requires: %{name}-libs%{?_isa} = %{version}-%{release}, openssl-devel
5f4e7f
Requires: pkgconfig
5f4e7f
5f4e7f
%description devel
5f4e7f
The devel package contains the unbound library and the include files
5f4e7f
5f4e7f
%package libs
5f4e7f
Summary: Libraries used by the unbound server and client applications
5f4e7f
Group: Applications/System
5f4e7f
Requires(post): /sbin/ldconfig
5f4e7f
Requires(post): systemd
5f4e7f
Requires(post): grep
5f4e7f
Requires(post): sed
5f4e7f
Requires(post): util-linux
5f4e7f
Requires(preun): systemd
5f4e7f
Requires(postun): /sbin/ldconfig
5f4e7f
Requires(postun): systemd
5f4e7f
Requires: openssl >= 0.9.8g-12
5f4e7f
5f4e7f
# needed to make sure the redhat-release-xxx contains the presets file
5f4e7f
# which enables unbound-anchor.timer.
5f4e7f
# See https://bugzilla.redhat.com/show_bug.cgi?id=1215645#c5
5f4e7f
Conflicts: redhat-release-server < 7.2-7
5f4e7f
Conflicts: redhat-release-workstation < 7.2-5
5f4e7f
Conflicts: redhat-release-computenode < 7.2-5
5f4e7f
Conflicts: redhat-release-client < 7.2-4
5f4e7f
5f4e7f
%description libs
5f4e7f
Contains libraries used by the unbound server and client applications
5f4e7f
5f4e7f
%if %{with_python}
5f4e7f
%package python
5f4e7f
Summary: Python modules and extensions for unbound
5f4e7f
Group: Applications/System
5f4e7f
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
5f4e7f
5f4e7f
%description python
5f4e7f
Python modules and extensions for unbound
5f4e7f
%endif
5f4e7f
5f4e7f
%prep
5f4e7f
%setup -q 
5f4e7f
%patch1 -p1 -b .longcheck-fixup
5f4e7f
%patch3 -p1 -b .testlog
5f4e7f
%patch4 -p1 -b .coverity
5f4e7f
%patch5 -p1 -b .test-fwd_oneport
5f4e7f
5f4e7f
# regrnerate config parser due to new options added
5f4e7f
echo "#include \"config.h\"" > util/configlexer.c || echo "Failed to create configlexer"
5f4e7f
echo "#include \"util/configyyrename.h\"" >> util/configlexer.c || echo "Failed to create configlexer"
5f4e7f
flex -i -t util/configlexer.lex >> util/configlexer.c  || echo "Failed to create configlexer"
5f4e7f
yacc -y -d -o util/configparser.c util/configparser.y || echo "Failed to create configparser"
5f4e7f
5f4e7f
%build
5f4e7f
%configure  --with-libevent --with-pthreads --with-ssl \
5f4e7f
            --disable-rpath --disable-static \
5f4e7f
            --enable-subnet --enable-ipsecmod \
5f4e7f
            --with-conf-file=%{_sysconfdir}/%{name}/unbound.conf \
5f4e7f
            --with-pidfile=%{_localstatedir}/run/%{name}/%{name}.pid \
5f4e7f
%if %{with_python}
5f4e7f
            --with-pythonmodule --with-pyunbound \
5f4e7f
%endif
5f4e7f
            --enable-sha2 --disable-gost --enable-ecdsa \
5f4e7f
            --with-rootkey-file=%{_sharedstatedir}/unbound/root.key
5f4e7f
5f4e7f
%{__make} %{?_smp_mflags}
5f4e7f
%{__make} %{?_smp_mflags} streamtcp
5f4e7f
5f4e7f
%install
5f4e7f
%{__make} DESTDIR=%{buildroot} install
5f4e7f
%{__make} DESTDIR=%{buildroot} unbound-event-install
5f4e7f
install -d 0755 %{buildroot}%{_unitdir} %{buildroot}%{_sysconfdir}/sysconfig
5f4e7f
install -p -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/unbound.service
5f4e7f
install -p -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/unbound-keygen.service
5f4e7f
install -p -m 0644 %{SOURCE15} %{buildroot}%{_unitdir}/unbound-anchor.timer
5f4e7f
install -p -m 0644 %{SOURCE17} %{buildroot}%{_unitdir}/unbound-anchor.service
5f4e7f
install -p -m 0755 %{SOURCE2} %{buildroot}%{_sysconfdir}/unbound
5f4e7f
install -p -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/unbound
5f4e7f
install -p -m 0644 %{SOURCE14} %{buildroot}%{_sysconfdir}/sysconfig/unbound
5f4e7f
install -p -m 0644 %{SOURCE16} .
5f4e7f
%if %{with_munin}
5f4e7f
# Install munin plugin and its softlinks
5f4e7f
install -d -m 0755 %{buildroot}%{_sysconfdir}/munin/plugin-conf.d
5f4e7f
install -p -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/munin/plugin-conf.d/unbound
5f4e7f
install -d -m 0755 %{buildroot}%{_datadir}/munin/plugins/
5f4e7f
install -p -m 0755 %{SOURCE4} %{buildroot}%{_datadir}/munin/plugins/unbound
5f4e7f
for plugin in unbound_munin_hits unbound_munin_queue unbound_munin_memory unbound_munin_by_type unbound_munin_by_class unbound_munin_by_opcode unbound_munin_by_rcode unbound_munin_by_flags unbound_munin_histogram; do
5f4e7f
    ln -s unbound %{buildroot}%{_datadir}/munin/plugins/$plugin
5f4e7f
done
5f4e7f
%endif
5f4e7f
5f4e7f
# install streamtcp used for monitoring / debugging unbound's port 80/443 modes
5f4e7f
install -m 0755 streamtcp %{buildroot}%{_sbindir}/unbound-streamtcp
5f4e7f
# install streamtcp man page
5f4e7f
install -m 0644 testcode/streamtcp.1 %{buildroot}/%{_mandir}/man1/unbound-streamtcp.1
5f4e7f
5f4e7f
install -D -m 0644 contrib/libunbound.pc %{buildroot}/%{_libdir}/pkgconfig/libunbound.pc
5f4e7f
5f4e7f
5f4e7f
# Install tmpfiles.d config
5f4e7f
install -d -m 0755 %{buildroot}%{_tmpfilesdir} %{buildroot}%{_sharedstatedir}/unbound
5f4e7f
install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/unbound.conf
5f4e7f
5f4e7f
# install root and DLV key - we keep a copy of the root key in old location,
5f4e7f
# in case user has changed the configuration and we wouldn't update it there
5f4e7f
install -m 0644 %{SOURCE5} %{SOURCE6} %{buildroot}%{_sysconfdir}/unbound/
5f4e7f
install -m 0644 %{SOURCE13} %{buildroot}%{_sharedstatedir}/unbound/root.key
5f4e7f
5f4e7f
# remove static library from install (fedora packaging guidelines)
5f4e7f
rm %{buildroot}%{_libdir}/*.la
5f4e7f
%if %{with_python}
5f4e7f
rm %{buildroot}%{python_sitearch}/*.la
5f4e7f
%endif
5f4e7f
5f4e7f
# create softlink for all functions of libunbound man pages
5f4e7f
for mpage in ub_ctx ub_result ub_ctx_create ub_ctx_delete ub_ctx_set_option ub_ctx_get_option ub_ctx_config ub_ctx_set_fwd ub_ctx_resolvconf ub_ctx_hosts ub_ctx_add_ta ub_ctx_add_ta_file ub_ctx_trustedkeys ub_ctx_debugout ub_ctx_debuglevel ub_ctx_async ub_poll ub_wait ub_fd ub_process ub_resolve ub_resolve_async ub_cancel ub_resolve_free ub_strerror ub_ctx_print_local_zones ub_ctx_zone_add ub_ctx_zone_remove ub_ctx_data_add ub_ctx_data_remove;
5f4e7f
do
5f4e7f
  echo ".so man3/libunbound.3" > %{buildroot}%{_mandir}/man3/$mpage ;
5f4e7f
done
5f4e7f
5f4e7f
mkdir -p %{buildroot}%{_localstatedir}/run/unbound
5f4e7f
5f4e7f
# Install directories for easier config file drop in
5f4e7f
5f4e7f
mkdir -p %{buildroot}%{_sysconfdir}/unbound/{keys.d,conf.d,local.d}
5f4e7f
install -p %{SOURCE9} %{buildroot}%{_sysconfdir}/unbound/keys.d/
5f4e7f
install -p %{SOURCE10} %{buildroot}%{_sysconfdir}/unbound/conf.d/
5f4e7f
install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/unbound/local.d/
5f4e7f
5f4e7f
# Link unbound-control-setup.8 manpage to unbound-control.8
5f4e7f
echo ".so man8/unbound-control.8" > %{buildroot}/%{_mandir}/man8/unbound-control-setup.8
5f4e7f
5f4e7f
%files 
5f4e7f
%doc doc/README doc/CREDITS doc/LICENSE doc/FEATURES
5f4e7f
%{_unitdir}/%{name}.service
5f4e7f
%{_unitdir}/%{name}-keygen.service
5f4e7f
%attr(0755,unbound,unbound) %dir %{_localstatedir}/run/%{name}
5f4e7f
%attr(0644,root,root) %{_tmpfilesdir}/unbound.conf
5f4e7f
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/unbound.conf
5f4e7f
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
5f4e7f
%dir %attr(0755,root,unbound) %{_sysconfdir}/%{name}/keys.d
5f4e7f
%attr(0664,root,unbound) %config(noreplace) %{_sysconfdir}/%{name}/keys.d/*.key
5f4e7f
%dir %attr(0755,root,unbound) %{_sysconfdir}/%{name}/conf.d
5f4e7f
%attr(0664,root,unbound) %config(noreplace) %{_sysconfdir}/%{name}/conf.d/*.conf
5f4e7f
%dir %attr(0755,root,unbound) %{_sysconfdir}/%{name}/local.d
5f4e7f
%attr(0664,root,unbound) %config(noreplace) %{_sysconfdir}/%{name}/local.d/*.conf
5f4e7f
%{_sbindir}/unbound
5f4e7f
%{_sbindir}/unbound-checkconf
5f4e7f
%{_sbindir}/unbound-control
5f4e7f
%{_sbindir}/unbound-control-setup
5f4e7f
%{_sbindir}/unbound-host
5f4e7f
%{_sbindir}/unbound-streamtcp
5f4e7f
%{_mandir}/man1/*
5f4e7f
%{_mandir}/man5/*
5f4e7f
%{_mandir}/man8/*
5f4e7f
5f4e7f
%if %{with_python}
5f4e7f
%files python
5f4e7f
%{python_sitearch}/*
5f4e7f
%doc libunbound/python/examples/*
5f4e7f
%doc pythonmod/examples/*
5f4e7f
%endif
5f4e7f
5f4e7f
%if %{with_munin}
5f4e7f
%files munin
5f4e7f
%config(noreplace) %{_sysconfdir}/munin/plugin-conf.d/unbound
5f4e7f
%{_datadir}/munin/plugins/unbound*
5f4e7f
%doc unbound-munin.README
5f4e7f
%endif
5f4e7f
5f4e7f
%files devel
5f4e7f
%{_libdir}/libunbound.so
5f4e7f
%{_includedir}/unbound.h
5f4e7f
%{_includedir}/unbound-event.h
5f4e7f
%{_mandir}/man3/*
5f4e7f
%doc README
5f4e7f
%{_libdir}/pkgconfig/*.pc
5f4e7f
5f4e7f
%files libs
5f4e7f
%attr(0755,root,root) %dir %{_sysconfdir}/%{name}
5f4e7f
%{_sbindir}/unbound-anchor
5f4e7f
%{_libdir}/libunbound.so.*
5f4e7f
%{_sysconfdir}/%{name}/icannbundle.pem
5f4e7f
%{_unitdir}/unbound-anchor.timer
5f4e7f
%{_unitdir}/unbound-anchor.service
5f4e7f
%dir %attr(0755,unbound,unbound) %{_sharedstatedir}/%{name}
5f4e7f
# this file will be modified always after installation
5f4e7f
%attr(0644,unbound,unbound) %config(noreplace) %{_sharedstatedir}/%{name}/root.key
5f4e7f
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/dlv.isc.org.key
5f4e7f
# just left for backwards compat with user changed unbound.conf files - format is different!
5f4e7f
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/root.key
5f4e7f
%doc doc/README doc/LICENSE
5f4e7f
5f4e7f
%pre libs
5f4e7f
getent group unbound >/dev/null || groupadd -r unbound
5f4e7f
getent passwd unbound >/dev/null || \
5f4e7f
useradd -r -g unbound -d %{_sysconfdir}/unbound -s /sbin/nologin \
5f4e7f
-c "Unbound DNS resolver" unbound
5f4e7f
exit 0
5f4e7f
5f4e7f
%post
5f4e7f
%systemd_post unbound.service
5f4e7f
%systemd_post unbound-keygen.service
5f4e7f
5f4e7f
%post libs 
5f4e7f
/sbin/ldconfig
5f4e7f
# If update contains new keys not already in database, use package keys
5f4e7f
if [ "$1" -eq 2 -a -f %{_sharedstatedir}/unbound/root.key.rpmnew ]; then
5f4e7f
        /sbin/runuser --command="
5f4e7f
	cp -pf %{_sharedstatedir}/unbound/root.key %{_sharedstatedir}/unbound/root.key.rpmupdate && \
5f4e7f
	sed -e 's/;.*//' -e '/^[[:space:]]*$/ d' %{_sharedstatedir}/unbound/root.key.rpmnew | while read KEY;
5f4e7f
	do
5f4e7f
		if ! grep -q \"\$KEY\" %{_sharedstatedir}/unbound/root.key.rpmupdate; then
5f4e7f
			echo \"\$KEY\" >> %{_sharedstatedir}/unbound/root.key.rpmupdate || exit 1;
5f4e7f
		fi;
5f4e7f
	done && \
5f4e7f
	mv %{_sharedstatedir}/unbound/root.key.rpmupdate %{_sharedstatedir}/unbound/root.key" --shell /bin/sh unbound || :
5f4e7f
fi
5f4e7f
%{_sbindir}/runuser  --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.key -c %{_sysconfdir}/unbound/icannbundle.pem"  --shell /bin/sh unbound ||:
5f4e7f
%systemd_post unbound-anchor.timer
5f4e7f
# the Unit is in presets, but would be started afte reboot
5f4e7f
/bin/systemctl start unbound-anchor.timer >/dev/null 2>&1 || :
5f4e7f
5f4e7f
%preun
5f4e7f
%systemd_preun unbound.service
5f4e7f
%systemd_preun unbound-keygen.service
5f4e7f
5f4e7f
%preun libs
5f4e7f
%systemd_preun unbound-anchor.timer
5f4e7f
5f4e7f
%postun 
5f4e7f
%systemd_postun_with_restart unbound.service
5f4e7f
%systemd_postun unbound-keygen.service
5f4e7f
5f4e7f
%postun libs
5f4e7f
/sbin/ldconfig
5f4e7f
%systemd_postun_with_restart unbound-anchor.timer
5f4e7f
5f4e7f
%triggerun -- unbound < 1.4.12-4
5f4e7f
# Save the current service runlevel info
5f4e7f
# User must manually run systemd-sysv-convert --apply unbound
5f4e7f
# to migrate them to systemd targets
5f4e7f
/usr/bin/systemd-sysv-convert --save unbound >/dev/null 2>&1 ||:
5f4e7f
5f4e7f
# Run these because the SysV package being removed won't do them
5f4e7f
/sbin/chkconfig --del unbound >/dev/null 2>&1 || :
5f4e7f
/bin/systemctl try-restart unbound.service >/dev/null 2>&1 || :
5f4e7f
/bin/systemctl try-restart unbound-keygen.service >/dev/null 2>&1 || :
5f4e7f
5f4e7f
5f4e7f
%check
5f4e7f
%if %{with_test}
5f4e7f
  make check
5f4e7f
  make longcheck
5f4e7f
%endif
5f4e7f
5f4e7f
%changelog
5f4e7f
* Wed Oct 11 2017 Petr Menšík <pemensik@redhat.com> - 1.6.6-1
5f4e7f
- Rebase to 1.6.6
5f4e7f
- Enable RFC 8145 Trust Anchor Signaling to help the root zone get keytag statistics
5f4e7f
- Enable ipsecmod support
5f4e7f
5f4e7f
* Sun Sep 17 2017 Petr Menšík <pemensik@redhat.com> - 1.6.3-3
5f4e7f
- Update project website and ICANN key
5f4e7f
5f4e7f
* Wed Aug 30 2017 Petr Menšík <pemensik@redhat.com> - 1.6.3-2
5f4e7f
- Install unbound-event.h
5f4e7f
5f4e7f
* Fri Aug 18 2017 Petr Menšík <pemensik@redhat.com> - 1.6.3-1
5f4e7f
- Rebase to 1.6.3
5f4e7f
5f4e7f
* Fri Jun 02 2017 Petr Menšík <pemensik@redhat.com> - 1.4.20-34
5f4e7f
- Make merge of updated database more safe
5f4e7f
5f4e7f
* Wed May 24 2017 Petr Menšík <pemensik@redhat.com> - 1.4.20-33
5f4e7f
- Update also built-in digest in unbound-anchor
5f4e7f
5f4e7f
* Wed May 24 2017 Petr Menšík <pemensik@redhat.com> - 1.4.20-32
5f4e7f
- Update trust anchors (#1452636)
5f4e7f
- Update managed keys from trigger
5f4e7f
5f4e7f
* Mon Mar 27 2017 Tomas Hozza <thozza@redhat.com> - 1.4.20-31
5f4e7f
- Run internal test suite during build (#1383722)
5f4e7f
5f4e7f
* Thu Feb 02 2017 Tomas Hozza <thozza@redhat.com> - 1.4.20-30
5f4e7f
- Added cache-max-negative-ttl option to the default configuration file (#1382383)
5f4e7f
5f4e7f
* Tue Oct 11 2016 Tomas Hozza <thozza@redhat.com> - 1.4.20-29
5f4e7f
- Added cache-max-negative-ttl option (#1382383)
5f4e7f
5f4e7f
* Fri May 20 2016 Pavel Å imerda <psimerda@redhat.com> - 1.4.20-28
5f4e7f
- Related: #1245250 - depend on the right ldns version
5f4e7f
5f4e7f
* Thu May 19 2016 Pavel Å imerda <psimerda@redhat.com> - 1.4.20-27
5f4e7f
- Resolves: #1245250 - enable ecdsa
5f4e7f
5f4e7f
* Tue Sep 22 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-26
5f4e7f
- Added Conficts on redhat-release packages without unbound-anchor.timer in presets (Related #1215645)
5f4e7f
5f4e7f
* Tue Sep 15 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-25
5f4e7f
- Resolve ordering loop with nss-lookup.target and ntpdate (#1259806)
5f4e7f
5f4e7f
* Wed Aug 19 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-24
5f4e7f
- Fix CVE-2014-8602 (#1253961)
5f4e7f
5f4e7f
* Tue May 26 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-23
5f4e7f
- Removed usage of DLV from the default configuration (#1223339)
5f4e7f
5f4e7f
* Wed May 13 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-22
5f4e7f
- unbound.service now Wants unbound-anchor.timer (Related: #1180267)
5f4e7f
5f4e7f
* Tue May 12 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-21
5f4e7f
- Fix dependencies and minor scriptlet issues due to systemd timer unit (Related: #1180267)
5f4e7f
5f4e7f
* Mon Apr 27 2015 Tomas Hozza <thozza@redhat.com> - 1.4.20-20
5f4e7f
- Install tmpfiles configuration into /usr/lib/tmpfiles.d (#1180995)
5f4e7f
- Fix root key management to comply to RFC5011 (#1180267)
5f4e7f
5f4e7f
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.4.20-19
5f4e7f
- Mass rebuild 2014-01-24
5f4e7f
5f4e7f
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.4.20-18
5f4e7f
- Mass rebuild 2013-12-27
5f4e7f
5f4e7f
* Wed Sep 04 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-17
5f4e7f
- Don't build unbound-munin package (#1002874)
5f4e7f
5f4e7f
* Mon Aug 26 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-16
5f4e7f
- Fix errors found by static analysis of source
5f4e7f
5f4e7f
* Mon Jul 22 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-15
5f4e7f
- provide man page for unbound-streamtcp
5f4e7f
5f4e7f
* Wed Jul 03 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-14
5f4e7f
- remove missing unbound-rootkey.service from post/preun/postun sections
5f4e7f
- don't hardcode hardening flags, let hardened build macro handles it
5f4e7f
5f4e7f
* Sat Jun 01 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-13
5f4e7f
- Run unbound-anchor as user unbound in unbound.service
5f4e7f
5f4e7f
* Tue May 28 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-12
5f4e7f
- Enable round-robin (with noths() patch)
5f4e7f
- Change cron and systemd service to use root.key, not root.anchor
5f4e7f
5f4e7f
* Sat May 25 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-10
5f4e7f
- Use /var/lib/unbound/root.key (more consistent with other distros)
5f4e7f
- Enable minimal responses
5f4e7f
5f4e7f
* Mon Apr 22 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-8
5f4e7f
- Refix
5f4e7f
5f4e7f
* Fri Apr 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-7
5f4e7f
- Fix runuser call in post.
5f4e7f
5f4e7f
* Tue Apr 16 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-6
5f4e7f
- /var/lib/unbound should be owned by unbound. group write is not enough
5f4e7f
5f4e7f
* Fri Apr 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-5
5f4e7f
- Fix cron job syntax (rhbz#951725)
5f4e7f
- Use install -p to prevent .rpmnew files that are identical to originals
5f4e7f
5f4e7f
* Mon Apr 8 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-4
5f4e7f
- Updated to 1.4.20
5f4e7f
- Build with full RELRO (not use -z,relro but with -z,relo,-z,now)
5f4e7f
- Fixup man page for unbound-control-setup
5f4e7f
- unbound.service should start before nss-lookup.target (rhbz#919955)
5f4e7f
- Removed patch for rhbz#888759 merged in upstream
5f4e7f
- Move root.anchor to /var/lib/unbound to make selinux policy easier for updating (rhbz#896599/rhbz#891008)
5f4e7f
- Move cronjob for root.anchor from unbound to unbound-libs, require crontabs
5f4e7f
- /etc/unbound (and all) should be owned by unbound-libs (rhbz#909691)
5f4e7f
- Remove Obsolete/Provides for dnssec-conf which was last seen in f13
5f4e7f
- Ensure any unbound-anchor failure in post is ignored
5f4e7f
5f4e7f
* Tue Mar 05 2013 Adam Tkac <atkac redhat com> - 1.4.19-5
5f4e7f
- build with full RELRO
5f4e7f
- symlink unbound-control-setup.8 manpage to unbound-control.8
5f4e7f
5f4e7f
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.19-4
5f4e7f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
5f4e7f
5f4e7f
* Wed Dec 12 2012 Paul Wouters <pwouters@redhat.com> - 1.4.19-3
5f4e7f
- Updated to 1.4.19 - this integrates all existing patches
5f4e7f
- Patch for unbound-anchor (rhbz#888759)
5f4e7f
5f4e7f
* Fri Nov 09 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-6
5f4e7f
- Patch to ensure stube-zone's aren't lost when using dnssec-triggerd
5f4e7f
- added unbound-munin.README file
5f4e7f
5f4e7f
* Wed Sep 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-5
5f4e7f
- Patch to allow wildcards in include: statements
5f4e7f
- Add directories /etc/unbound/keys.d,conf.d,local.d with
5f4e7f
  example entries
5f4e7f
- Added /etc/unbound/root.anchor, maintained by unbound-anchor
5f4e7f
  which is installed as monthly cron and PreExec in systemd config
5f4e7f
  (root.key is unused, but left installed in case people depend on it)
5f4e7f
- Native systemd (simple) and /etc/sysconfig/unbound support
5f4e7f
- Run unbound-checkconf in PreExec
5f4e7f
- Moved trust anchor related files to unbound-libs, as they can
5f4e7f
  be used without the daemon.
5f4e7f
- sub packages now depends on base package of same arch
5f4e7f
- Build munin package as noarch
5f4e7f
- unbound-anchor moved to unbound-libs package. It is needed
5f4e7f
  to update the root.anchor key file.
5f4e7f
5f4e7f
* Tue Sep 04 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-3
5f4e7f
- Fix openssl thread locking bug under high query load
5f4e7f
5f4e7f
* Thu Aug 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-2
5f4e7f
- Use new systemd-rpm macros (rhbz#850351)
5f4e7f
- Clean up old obsoleted dnssec-conf from < fedora 15
5f4e7f
5f4e7f
* Fri Aug 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.18-1
5f4e7f
- Updated to 1.4.18 (FIPS related fixes mostly)
5f4e7f
- Removed patches that were merged in upstream
5f4e7f
- Added comment to root.key
5f4e7f
5f4e7f
* Mon Jul 23 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-5
5f4e7f
- Fix for unbound crasher (upstream bug #452)
5f4e7f
- Support libunbound functions in man pages and place in -devel
5f4e7f
5f4e7f
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.17-4
5f4e7f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
5f4e7f
5f4e7f
* Tue Jul 03 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-3
5f4e7f
- unbound FIPS patches for MD5,randomness (rhbz#835106)
5f4e7f
5f4e7f
* Fri Jun 15 2012 Adam Tkac <atkac redhat com> - 1.4.17-2
5f4e7f
- don't build unbound-munin on RHEL
5f4e7f
5f4e7f
* Thu May 24 2012 Paul Wouters <pwouters@redhat.com> - 1.4.17-1
5f4e7f
- Updated to 1.4.17 (which mostly brings in patches we already
5f4e7f
  applied from svn trunk)
5f4e7f
5f4e7f
* Wed Feb 29 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-3 
5f4e7f
- Since the daemon links to the libs staticly, add Requires:
5f4e7f
  (this is rhbz#745288)
5f4e7f
- Package up streamtcp as unbound-streamtcp (for monitoring)
5f4e7f
5f4e7f
* Mon Feb 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.16-2
5f4e7f
- Don't ghost the directory (rhbz#788805)
5f4e7f
- Patch for unbound to support unbound-control forward_zone
5f4e7f
  (needed for openswan in XAUTH mode)
5f4e7f
5f4e7f
* Thu Feb 02 2012 Paul Wouters <paul@nohats.ca> - 1.4.16-1
5f4e7f
- Upgraded to 1.4.16, which was relesed due to the soname
5f4e7f
  and some DNSSEC validation failures
5f4e7f
5f4e7f
* Wed Feb 01 2012 Paul Wouters <paul@nohats.ca> - 1.4.15-2
5f4e7f
- Patch for SONAME version (libtool's -version-number vs -version-info)
5f4e7f
5f4e7f
* Fri Jan 27 2012 Paul Wouters <pwouters@redhat.com> - 1.4.15-1
5f4e7f
- Upgraded to 1.4.15
5f4e7f
- Updated unbound.conf to show how to configure listening on tls443
5f4e7f
5f4e7f
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.14-2
5f4e7f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
5f4e7f
5f4e7f
* Mon Dec 19 2011 Paul Wouters <paul@cypherpunks.ca> - 1.4.14-1
5f4e7f
- Upgraded to 1.4.14 for CVE-2011-4528 / VU#209659
5f4e7f
- SSL-wrapped query support for dnssec-trigger
5f4e7f
- EDNS handling changes
5f4e7f
- Removed integrated EDNS patches
5f4e7f
- Disabled use-caps-for-id, GoDaddy domains now break on it
5f4e7f
- Enabled new harden-below-nxdomain
5f4e7f
5f4e7f
* Thu Sep 15 2011 Paul Wouters <paul@xelerance.com> - 1.4.13-1
5f4e7f
- Upgraded to 1.4.13
5f4e7f
- Removed merged in pythonmod patch
5f4e7f
- Added EDNS1480 patch to fix unbound on broken EDNS/UDP networks
5f4e7f
- Fix python to go into sitearch instead of sitelib
5f4e7f
5f4e7f
* Wed Sep 14 2011 Tom Callaway <spot@fedoraproject.org> - 1.4.12-4
5f4e7f
- convert to systemd, tmpfiles.d
5f4e7f
5f4e7f
* Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-3
5f4e7f
- Added pythonmod docs and examples
5f4e7f
5f4e7f
* Mon Aug 08 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-2
5f4e7f
- Fix for python module load in the server (Tom Hendrikx)
5f4e7f
- No longer enable --enable-debug as it causes degraded  performance
5f4e7f
  under load.
5f4e7f
5f4e7f
* Mon Jul 18 2011 Paul Wouters <paul@xelerance.com> - 1.4.12-1
5f4e7f
- Updated to 1.4.12
5f4e7f
5f4e7f
* Sun Jul 03 2011 Paul Wouters <paul@xelerance.com> - 1.4.11-1
5f4e7f
- Updated to 1.4.11
5f4e7f
- removed integrated CVE patch
5f4e7f
- updated stock unbound.conf for new options introduced
5f4e7f
5f4e7f
* Mon Jun 06 2011 Paul Wouters <paul@xelerance.com> - 1.4.10-1
5f4e7f
- Added ghost for /var/run/unbound (bz#656710)
5f4e7f
5f4e7f
* Mon Jun 06 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-3
5f4e7f
- rebuilt
5f4e7f
5f4e7f
* Wed May 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-2
5f4e7f
- Applied patch for CVE-2011-1922 DoS vulnerability
5f4e7f
5f4e7f
* Sun Mar 27 2011 Paul Wouters <paul@xelerance.com> - 1.4.9-1
5f4e7f
- Updated to 1.4.9
5f4e7f
5f4e7f
* Sat Feb 12 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-2
5f4e7f
- rebuilt
5f4e7f
5f4e7f
* Tue Jan 25 2011 Paul Wouters <paul@xelerance.com> - 1.4.8-1
5f4e7f
- Updated to 1.4.8
5f4e7f
- Enable root key for DNSSEC
5f4e7f
- Fix unbound-munin to use proper file (could cause excessive logging)
5f4e7f
- Build unbound-python per default
5f4e7f
- Disable gost as Fedora/EPEL does not allow ECC and has mangled openssl
5f4e7f
5f4e7f
* Tue Oct 26 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-4
5f4e7f
- Revert last build - it was on the wrong branch
5f4e7f
5f4e7f
* Tue Oct 26 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-3
5f4e7f
- Disable do-ipv6 per default - causes severe degradation on non-ipv6 machines
5f4e7f
  (see comments in inbound.conf)
5f4e7f
5f4e7f
* Tue Jun 15 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-2
5f4e7f
- Bump release - forgot to upload the new tar ball.
5f4e7f
5f4e7f
* Tue Jun 15 2010 Paul Wouters <paul@xelerance.com> - 1.4.5-1
5f4e7f
- Upgraded to 1.4.5
5f4e7f
5f4e7f
* Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-2
5f4e7f
- Added accidentally omitted svn patches to cvs 
5f4e7f
5f4e7f
* Mon May 31 2010 Paul Wouters <paul@xelerance.com> - 1.4.4-1
5f4e7f
- Upgraded to 1.4.4 with svn patches
5f4e7f
- Obsolete dnssec-conf to ensure it is de-installed
5f4e7f
5f4e7f
* Thu Mar 11 2010 Paul Wouters <paul@xelerance.com> - 1.4.3-1
5f4e7f
- Update to 1.4.3 that fixes 64bit crasher
5f4e7f
5f4e7f
* Tue Mar 09 2010 Paul Wouters <paul@xelerance.com> - 1.4.2-1
5f4e7f
- Updated to 1.4.2 
5f4e7f
- Updated unbound.conf with new options
5f4e7f
- Enabled pre-fetching DNSKEY records (DNSSEC speedup)
5f4e7f
- Enabled re-fetching popular records before they expire
5f4e7f
- Enabled logging of DNSSEC validation errors
5f4e7f
5f4e7f
* Mon Mar 01 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-5
5f4e7f
- Overriding -D_GNU_SOURCE is no longer needed. This fixes DSO issues
5f4e7f
  with pthreads
5f4e7f
5f4e7f
* Wed Feb 24 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-3
5f4e7f
- Change make/configure lines to attempt to fix -lphtread linking issue
5f4e7f
5f4e7f
* Thu Feb 18 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-2
5f4e7f
- Removed dependancy for dnssec-conf
5f4e7f
- Added ISC DLV key (formerly in dnssec-conf)
5f4e7f
- Fixup old DLV locations in unbound.conf file via %%post
5f4e7f
- Fix parent child disagreement handling and no-ipv6 present [svn r1953]
5f4e7f
5f4e7f
* Tue Jan 05 2010 Paul Wouters <paul@xelerance.com> - 1.4.1-1
5f4e7f
- Updated to 1.4.1
5f4e7f
- Changed %%define to %%global
5f4e7f
5f4e7f
* Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-2
5f4e7f
- Bump version
5f4e7f
5f4e7f
* Thu Oct 08 2009 Paul Wouters <paul@xelerance.com> - 1.3.4-1
5f4e7f
- Upgraded to 1.3.4. Security fix with validating NSEC3 records
5f4e7f
5f4e7f
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.3.3-2
5f4e7f
- rebuilt with new openssl
5f4e7f
5f4e7f
* Mon Aug 17 2009 Paul Wouters <paul@xelerance.com> - 1.3.3-1
5f4e7f
- Updated to 1.3.3
5f4e7f
5f4e7f
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.0-3
5f4e7f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
5f4e7f
5f4e7f
* Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-2
5f4e7f
- Added missing glob patch to cvs
5f4e7f
- Place python macros within the %%with_python check
5f4e7f
5f4e7f
* Sat Jun 20 2009 Paul Wouters <paul@xelerance.com> - 1.3.0-1
5f4e7f
- Updated to 1.3.0
5f4e7f
- Added unbound-python sub package. disabled for now
5f4e7f
- Patch from svn to fix DLV lookups
5f4e7f
- Patches from svn to detect wrong truncated response from BIND 9.6.1 with
5f4e7f
  minimal-responses)
5f4e7f
- Added Default-Start and Default-Stop to unbound.init
5f4e7f
- Re-enabled --enable-sha2
5f4e7f
- Re-enabled glob.patch
5f4e7f
5f4e7f
* Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-7
5f4e7f
- unbound-iterator.patch was not commited
5f4e7f
5f4e7f
* Wed May 20 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-6
5f4e7f
- Fix for https://bugzilla.redhat.com/show_bug.cgi?id=499793
5f4e7f
5f4e7f
* Tue Mar 17 2009 Paul Wouters <paul@xelerance.com> - 1.2.1-5
5f4e7f
- Use --nocheck to avoid giving an error on missing unbound-remote certs/keys
5f4e7f
5f4e7f
* Tue Mar 10 2009 Adam Tkac <atkac redhat com> - 1.2.1-4
5f4e7f
- enable DNSSEC only if it is enabled in sysconfig/dnssec
5f4e7f
5f4e7f
* Mon Mar 09 2009 Adam Tkac <atkac redhat com> - 1.2.1-3
5f4e7f
- add DNSSEC support to initscript and enabled it per default
5f4e7f
- add requires dnssec-conf
5f4e7f
5f4e7f
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-2
5f4e7f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
5f4e7f
5f4e7f
* Tue Feb 10 2009 Paul Wouters 
5f4e7f
- updated to 1.2.1
5f4e7f
5f4e7f
* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.0-2
5f4e7f
- rebuild with new openssl
5f4e7f
5f4e7f
* Wed Jan 14 2009 Paul Wouters 
5f4e7f
- Updated to 1.2.0
5f4e7f
- Added dependancy on minimum SSL for CVE-2008-5077
5f4e7f
- Added dependancy on bc for unbound-munin
5f4e7f
- Added minimum requirement of libevent 1.4.5. Crashes with older versions
5f4e7f
  (note: libevent is stale in EL-4 and not in EL-5, needs fixing there)
5f4e7f
- Removed dependancy on selinux-policy (will get used when available)
5f4e7f
- Enable options as per draft-wijngaards-dnsext-resolver-side-mitigation-00.txt
5f4e7f
- Enable unwanted-reply-threshold to mitigate against a Kaminsky attack
5f4e7f
- Enable val-clean-additional to drop addition unsigned data from signed
5f4e7f
  response.
5f4e7f
- Removed patches (got merged into upstream)
5f4e7f
5f4e7f
* Mon Jan  5 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-7
5f4e7f
- Modified scandir patch to silently fail when wildcard matches nothing
5f4e7f
- Patch to allow unbound-checkconf to find empty wildcard matches
5f4e7f
5f4e7f
* Mon Jan  5 2009 Paul Wouters <paul@xelerance.com> - 1.1.1-6
5f4e7f
- Added scandir patch for trusted-keys-file: option, which
5f4e7f
  is used to load multiple dnssec keys in bind file format
5f4e7f
5f4e7f
* Mon Dec  8 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-4
5f4e7f
- Added Requires: for selinux-policy >= 3.5.13-33 for proper SElinux rules.
5f4e7f
5f4e7f
* Mon Dec  1 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-3
5f4e7f
- We did not own the /etc/unbound directory (#474020)
5f4e7f
- Fixed cvs anomalies
5f4e7f
5f4e7f
* Fri Nov 28 2008 Adam Tkac <atkac redhat com> - 1.1.1-2
5f4e7f
- removed all obsolete chroot related stuff
5f4e7f
- label control certs after generation correctly
5f4e7f
5f4e7f
* Thu Nov 20 2008 Paul Wouters <paul@xelerance.com> - 1.1.1-1
5f4e7f
- Updated to unbound 1.1.1 which fixes a crasher and
5f4e7f
  addresses nlnetlabs bug #219
5f4e7f
5f4e7f
* Wed Nov 19 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-3
5f4e7f
- Remove the chroot, obsoleted by SElinux
5f4e7f
- Add additional munin plugin links supported by unbound plugin
5f4e7f
- Move configuration directory from /var/lib/unbound to /etc/unbound
5f4e7f
- Modified unbound.init and unbound.conf to account for chroot changes
5f4e7f
- Updated unbound.conf with new available options
5f4e7f
- Enabled dns-0x20 protection per default
5f4e7f
5f4e7f
* Wed Nov 19 2008 Adam Tkac <atkac redhat com> - 1.1.0-2
5f4e7f
- unbound-1.1.0-log_open.patch
5f4e7f
  - make sure log is opened before chroot call
5f4e7f
  - tracked as http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=219
5f4e7f
- removed /dev/log and /var/run/unbound and /etc/resolv.conf from
5f4e7f
  chroot, not needed
5f4e7f
- don't mount files in chroot, it causes problems during updates
5f4e7f
- fixed typo in default config file
5f4e7f
5f4e7f
* Fri Nov 14 2008 Paul Wouters <paul@xelerance.com> - 1.1.0-1
5f4e7f
- Updated to version 1.1.0
5f4e7f
- Updated unbound.conf's statistics options and remote-control
5f4e7f
  to work properly for munin
5f4e7f
- Added unbound-munin package
5f4e7f
- Generate unbound remote-control  key/certs on first startup
5f4e7f
- Required ldns is now 1.4.0
5f4e7f
5f4e7f
* Wed Oct 22 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-5
5f4e7f
- Only call ldconfig in -libs package
5f4e7f
- Move configure into build section
5f4e7f
- devel subpackage should only depend on libs subpackage
5f4e7f
5f4e7f
* Tue Oct 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-4
5f4e7f
- Fix CFLAGS getting lost in build
5f4e7f
- Don't enable interface-automatic:yes because that
5f4e7f
  causes unbound to listen on 0.0.0.0 instead of 127.0.0.1
5f4e7f
5f4e7f
* Sun Oct 19 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-3
5f4e7f
- Split off unbound-libs, make build verbose 
5f4e7f
5f4e7f
* Thu Oct  9 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-2
5f4e7f
- FSB compliance, chroot fixes, initscript fixes
5f4e7f
5f4e7f
* Thu Sep 11 2008 Paul Wouters <paul@xelerance.com> - 1.0.2-1
5f4e7f
- Upgraded to 1.0.2
5f4e7f
5f4e7f
* Wed Jul 16 2008 Paul Wouters <paul@xelerance.com> - 1.0.1-1
5f4e7f
- upgraded to new release
5f4e7f
5f4e7f
* Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-2
5f4e7f
- Build against ldns-1.3.0
5f4e7f
5f4e7f
* Wed May 21 2008 Paul Wouters <paul@xelerance.com> - 1.0.0-1
5f4e7f
- Split of -devel package, fixed dependancies, make rpmlint happy
5f4e7f
5f4e7f
* Thu Apr 25 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.12
5f4e7f
- Using parts from ports collection entry by Jaap Akkerhuis.
5f4e7f
- Using Fedoraproject wiki guidelines.
5f4e7f
5f4e7f
* Wed Apr 23 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.11
5f4e7f
- Initial version.