knot (1.6.0-1+devuan1.1) unstable; urgency=medium * Removing systemd dependencies * gbp.conf fixes -- Lydia Sevelt Sun, 07 May 2017 16:12:37 +0000 knot (1.6.0-1) unstable; urgency=medium * New upstream version 1.6.0 * Switch to network-online.target to mitigate some network not-yet-ready races * Recommend systemd due journald enabled logging (Closes: #766596) -- Ondřej Surý Fri, 24 Oct 2014 12:41:32 +0200 knot (1.6.0~rc2-1) unstable; urgency=medium * New upstream version 1.6.0~rc2 * Update patches for 1.6.0~rc2 release -- Ondřej Surý Fri, 17 Oct 2014 17:32:30 +0200 knot (1.6.0~rc1-1) unstable; urgency=medium * New upstream version 1.6.0~rc1 * Knot needs lmdb for persistent timers -- Ondřej Surý Mon, 13 Oct 2014 23:06:56 +0200 knot (1.5.3-1) unstable; urgency=medium * Move knot-libs to Section: net (Closes: #760795) * New upstream version 1.5.3 -- Ondřej Surý Mon, 15 Sep 2014 17:00:08 +0200 knot (1.5.2-1) unstable; urgency=high * Update Vcs-Urls to point to anonscm.debian.org * New upstream version 1.5.2 + [CVE-2014-0486]: Fixed remote crash with crafted DNS message * Update patches for 1.5.2 release -- Ondřej Surý Mon, 08 Sep 2014 11:11:56 +0200 knot (1.5.1-3) unstable; urgency=high * More arch/indep build rules splitting to fix binary-arch-only builds * Add lintian override to override warning about internal libraries in knot-libs -- Ondřej Surý Tue, 26 Aug 2014 09:43:05 +0200 knot (1.5.1-2) unstable; urgency=medium * Enable full hardening via debhelper >= 9 * Enable IDN in knot-dnsutils and knot-host packages * Enable systemd libraries only on linux-any * Split arch and indep builds to build the documentation just once * Drop ragel from build depends to allow arm64 builds -- Ondřej Surý Mon, 25 Aug 2014 15:54:34 +0200 knot (1.5.1-1) unstable; urgency=medium * New upstream version 1.5.1 * Enable systemd notification mechanism * Enable systemd journal enhanced logging -- Ondřej Surý Wed, 20 Aug 2014 10:45:18 +0200 knot (1.5.0-1) unstable; urgency=medium * New upstream version 1.5.0 + Features: - Pluggable query processing modules - Synthetic IPv4/IPv6 reverse/forward records (optional module) - dnstap support in both utilities & server (optional module) - NOTIFY message support and new TSIG section in kdig - Multi-master support - edns-client-subnet support in kdig - Optional asynchronous startup (config "asynchronous-start") - DDNS forwarding reimplemented + Improvements: - Query processing and core functionality overhaul - Performance and reduced memory footprint - Faster zone events scheduling - RFC compliant queries/responses in some corner cases - Log messages - New documentation (Sphinx) - Transfer sizes logged in bytes if needed - Logging outgoing NOTIFY messages - Logging unauthorized incoming NOTIFYs - Preempt task queue for faster reload - Lazy zone file write after zone transfer (governed by "zonefile-sync") + Bugfixes: - Close zone transfer after SERVFAIL response - Incremental to full zone transfer fallback, wrong log message - Zone events corner cases, reload replanning - Zone flush planning after bootstrap - Incorrect incoming AXFR message sizes - DDNS signing changes were freed too soon, posibility of stale data - knotc remote control key handling * Debian packaging: + d/control: New documentation is using sphinx + d/control: New knot-libs package containing internal shared libraries -- Ondřej Surý Wed, 09 Jul 2014 13:08:26 +0200 knot (1.4.6+hotfix-1) unstable; urgency=medium * New upstream version 1.4.6+hotfix -- Ondřej Surý Thu, 22 May 2014 15:39:07 +0200 knot (1.4.6-1) unstable; urgency=medium * New upstream version 1.4.6 * Update patches for 1.4.6 release -- Ondřej Surý Thu, 22 May 2014 13:15:14 +0200 knot (1.4.5-2) unstable; urgency=high * Re-upload to fix botched amd64 upload in 1.4.5-1 -- Ondřej Surý Tue, 22 Apr 2014 14:58:30 +0200 knot (1.4.5-1) unstable; urgency=high * New upstream version 1.4.5 + Fix possible weakness in TSIG signature checking * Refresh patches for 1.4.5 release * Use dh-autoreconf to regenerate autotools files -- Ondřej Surý Mon, 14 Apr 2014 15:11:12 +0200 knot (1.4.4-1) unstable; urgency=medium * New upstream version 1.4.4 + Server is logging remote control commands + 'knotc reload' doesn't refresh unchanged zones + 'knotc -f refresh' forces zone retransfer + Fixed missing notifications after DDNS/automatic resign + Zone is rebootstrapped if the zone file is unreadable + Progressive bootstrap retry backoff + Zone file parser now allows asterisk as part of the label + Fix journal maximum entry size + Sign DNSKEYs in non-apex nodes as regular RR sets + Various spelling and typo fixes (Courtesy of Robert Edmonds) -- Ondřej Surý Thu, 27 Mar 2014 15:49:54 +0100 knot (1.4.3-2) unstable; urgency=medium * Add support for autotools-dev and dh-systemd * Enable parallel builds in dh invocation -- Ondřej Surý Tue, 18 Feb 2014 13:44:13 +0100 knot (1.4.3-1) unstable; urgency=low * New upstream version 1.4.3 -- Ondřej Surý Tue, 18 Feb 2014 13:03:42 +0100 knot (1.4.2-1) unstable; urgency=low * New upstream version 1.4.2 * Update OpenSSL << 1.0.0 compatibility patch -- Ondřej Surý Mon, 27 Jan 2014 16:14:33 +0100 knot (1.4.1-2) unstable; urgency=low * Add patch to remove the requirement for OpenSSL 1.0.0 to build on Debian squeeze, be warned though that the OpenSSL before 1.0.0 might manifest some threading errors and crashes, so you really should upgrade your system to Debian wheezy. -- Ondřej Surý Thu, 23 Jan 2014 16:53:03 +0100 knot (1.4.1-1) unstable; urgency=low * New upstream version 1.4.1 + Empty APL record support + 'zonestatus' when using immediate zone syncing + Immediate zone syncing after reload + Race condition writing time values to zone file + Require OpenSSL >= 1.0.0 * Don't use dh-autoreconf, upstream uses recent enough autotools * Bump standards version to 3.9.5 * Run the tests on every arch without the condition, but don't fail anywhere -- Ondřej Surý Mon, 13 Jan 2014 18:00:18 +0100 knot (1.4.0-1) unstable; urgency=low * New major upstream version 1.4.0 + Experimental automatic DNSSEC signing + Fastest ragel parser enabled by default + Reduced memory usage + Zone SOA SERIAL policies (INCREMENT, UNIXTIME) for DDNS and automatic DNSSEC signing + IDN support in Knot utilities (kdig, knsupdate, ...) + DNSSEC: support for GOST algorithm + Support for DNSSEC key pre-publication * Remove PATH_MAX patch, it's already included in upstream * Run the tests on all archs, but don't fail the build if the tests fail on broken archs * Update watch file to match (alpha|beta|rc)\d* versions -- Ondřej Surý Mon, 06 Jan 2014 11:00:07 +0100 knot (1.4.0~rc2-1) experimental; urgency=low * New upstream version 1.4.0~rc2 -- Ondřej Surý Fri, 13 Dec 2013 17:53:26 +0100 knot (1.4.0~rc1-1) experimental; urgency=low * Disable tests on GNU Hurd * New upstream version 1.4.0~rc1 -- Ondřej Surý Mon, 25 Nov 2013 16:19:27 +0100 knot (1.4.0~beta-1) experimental; urgency=low * New upstream version 1.4.0~beta * Update patches for 1.4.0~beta release * Disable fastparser since the ragel is broken in one test * Add knsec3hash to knot package -- Ondřej Surý Tue, 29 Oct 2013 12:25:49 +0100 knot (1.3.4-1) unstable; urgency=low * Disable tests on GNU Hurd * New upstream version 1.3.4 -- Ondřej Surý Fri, 13 Dec 2013 17:23:52 +0100 knot (1.3.3-1) unstable; urgency=low * New upstream version 1.3.3 -- Ondřej Surý Mon, 28 Oct 2013 11:40:13 +0100 knot (1.3.2-3) unstable; urgency=low * Add ufw applications.d rule for Knot DNS * Disable recvmmsg on GNU Hurd (since recvmmsg is not implemented on GNU Hurd and will always fail) * Enable fastparser (requires Ragel) -- Ondřej Surý Fri, 11 Oct 2013 17:23:35 +0200 knot (1.3.2-2) unstable; urgency=low * Define #PATH_MAX to make GNU Hurd happy * Don't enable LTO, it doesn't play well with debugging symbols -- Ondřej Surý Sun, 06 Oct 2013 01:57:13 +0200 knot (1.3.2-1) unstable; urgency=low * New upstream version 1.3.2 * Enable link-time-optimizations by default -- Ondřej Surý Mon, 30 Sep 2013 15:04:01 +0200 knot (1.3.1-1) unstable; urgency=low * New upstream version 1.3.1 * Add new debian/watch file (Courtesy of Debian QA) * Bump standards to 3.9.4 * Stop using /lib/init/vars.sh, we don't use $VERBOSE anymore anyway * Drop syslog.target as it is not needed anymore * Remove SSE detection patch as it was merged upstream -- Ondřej Surý Tue, 27 Aug 2013 14:27:44 +0200 knot (1.3.0-2) unstable; urgency=low * Disable SSE detection in the packaged version of Knot DNS -- Ondřej Surý Fri, 16 Aug 2013 13:04:39 +0200 knot (1.3.0-1) unstable; urgency=low * New upstream version 1.3.0 * Remove upstream patch from 1.3.0~rc5-2 as it is included in this release. -- Ondřej Surý Mon, 05 Aug 2013 17:01:23 +0200 knot (1.3.0~rc5-2) unstable; urgency=low * Pull some pre 1.3.0 patches (mainly to test before release): + Initialize secondary groups for user .. + Reworked CH TXT records support (RFC 4892). + Fixed inactive xfers may be disconnected depending on the previous result. + Add server starting information to log. -- Ondřej Surý Mon, 05 Aug 2013 10:39:48 +0200 knot (1.3.0~rc5-1) unstable; urgency=low * New upstream version 1.3.0~rc5 * Remove last upstream patch, all our changes have been merged. Yay\! -- Ondřej Surý Mon, 29 Jul 2013 17:15:56 +0200 knot (1.3.0~rc4-2) unstable; urgency=low * Disable tests on big endian architectures (but the code still needs to be fixed) -- Ondřej Surý Tue, 23 Jul 2013 14:07:39 +0200 knot (1.3.0~rc4-1) unstable; urgency=low * New upstream version 1.3.0~rc4 * Add upstream patch to honour CONFIG_DIR * Remove now obsolete patch to run as knot:knot * The knot/ is now added by upstream to @sysconfdir@ -- Ondřej Surý Mon, 15 Jul 2013 15:15:05 +0200 knot (1.3.0~rc3-2) unstable; urgency=low * Add proper support for upstart and systemd along with sysvinit * Add /usr/lib/knot/prepare-environment script which will parse knot configuration file and properly create rundir and set correct permissions to configured values in /etc/knot/knot.conf * Remove /etc/default/knot since the values are now parsed directly from the configuration file * Add /var/lib/knot to knot.dirs, so it gets created on package install * Drop checking for $VERBOSE variable and properly log start/stop from sysvinit script -- Ondřej Surý Tue, 02 Jul 2013 13:08:33 +0200 knot (1.3.0~rc3-1) unstable; urgency=low * New upstream version 1.3.0~rc3 * Packaging changes: + Use --fail-missing to check for all new files + Remove obsolete patches and update installed conffile with latest options + Don't install knot-zcompile as it is no more + Install minimal example configuration file as /etc/knot/knot.conf + Add --disable-silent-rules to configure invocation + Add patch to fix missing $(DESTDIR) in src/Makefile.am + Set --with-rundir and --with-storage to correct locations + Run under knot:knot by default (create and delete knot user) + Add knot-dnsutils and knot-host packages + Add patch to move knot-{host,dnsutils} manpages to correct location + Add samples/knot.{full,keys}.conf and example zone to examples. * Add knot-doc package with generated documentation (PDF and HTML) -- Ondřej Surý Fri, 28 Jun 2013 12:59:55 +0200 knot (1.2.0-2) unstable; urgency=low * /etc/init.d/knot now sources /etc/default/knot instead of /etc/init.d/knotd (Closes: #707683) * Pull upstream fix for pidfile creation before dropping priviledges (Closes: #707685) * Enable SSE2 support again (we will simply not support anything older than Pentium M) -- Ondřej Surý Wed, 26 Jun 2013 14:41:04 +0200 knot (1.2.0-1) unstable; urgency=low * Imported Upstream version 1.2.0 + Final release. + Some small memory leaks fixes. -- Ondřej Surý Wed, 03 Apr 2013 09:16:25 +0200 knot (1.2.0~rc4-1) unstable; urgency=low * Imported Upstream version 1.2.0~rc4 + knotc 'zonestatus' command + Changing logfile ownership before dropping privileges + knotc respects 'control' section from configuration + RRL: resolved bucket collisions + RRL: updated bucket mapping to conform RRL technical memo -- Ondřej Surý Fri, 22 Mar 2013 15:35:50 +0100 knot (1.2.0~rc3-1) unstable; urgency=low * Imported Upstream version 1.2.0~rc3 + New functionality: Response Rate Limiting as a response to reflection DNS DDoS attacks in the wild + Add missing RRSIG in ANY queries -- Ondřej Surý Fri, 01 Mar 2013 13:24:28 +0100 knot (1.2~rc2-1) unstable; urgency=low * Imported Upstream version 1.2~rc2 * Fix git location * Update patches for 1.2 release -- Ondřej Surý Mon, 18 Feb 2013 12:40:01 +0100 knot (1.1.3-1) unstable; urgency=low * Imported Upstream version 1.1.3 -- Ondřej Surý Thu, 20 Dec 2012 10:50:41 +0100 knot (1.1.3~rc1-1) unstable; urgency=low * Imported Upstream version 1.1.3~rc1 + Fixed answering DS queries (RRSIGs not together with DS, AA bit missing). + Fixed setting ARCOUNT in some error responses with EDNS enabled. + Fixed crash when compiling zone zone with NSEC3PARAM but no NSEC3 and semantic checks enabled. -- Ondřej Surý Fri, 07 Dec 2012 11:19:35 +0100 knot (1.1.2-1) unstable; urgency=low * Imported Upstream version 1.1.2 -- Ondřej Surý Wed, 21 Nov 2012 14:45:34 +0100 knot (1.1.2~rc1-1) unstable; urgency=low * Imported Upstream version 1.1.2~rc1 * Update patches for new release -- Ondřej Surý Wed, 14 Nov 2012 14:04:17 +0100 knot (1.1.1-1) unstable; urgency=low * Imported Upstream version 1.1.1 * Update and remove obsolete patches for new release -- Ondřej Surý Wed, 31 Oct 2012 10:42:09 +0100 knot (1.1.0-5) unstable; urgency=low * Disable SSE2 instruction set, might solve some strange crashes. -- Ondřej Surý Wed, 10 Oct 2012 13:09:54 +0200 knot (1.1.0-4) unstable; urgency=low * Disable extra hardening via dpkg-buildflags, which is not needed by debhelper 9, but breaks builds on squeeze * Install man5 and knot.info documentation -- Ondřej Surý Mon, 03 Sep 2012 16:43:26 +0200 knot (1.1.0-3) unstable; urgency=low * Bump dependency on debhelper >= 9 * Bump standards version to 3.9.3 * Fix installation of manpages to correct directories -- Ondřej Surý Mon, 03 Sep 2012 16:02:11 +0200 knot (1.1.0-2) unstable; urgency=low * Disable AM_MAINTAINER_MODE and re-run autoreconf -fi * Enable hardening build by default * Update pidfile patch to 1.1.0 * Cope with default MultiArch in dh_compat==9 and don't install unittests* binaries -- Ondřej Surý Mon, 03 Sep 2012 15:32:53 +0200 knot (1.1.0-1) unstable; urgency=low * Imported Upstream version 1.1.0 - User manual now available. - Optionally disable ANY queries for authoritative answers. - Dropping identical records in zone and incoming transfers. - Support for '/' in zone names. - Generating journal from reloaded zone (EXPERIMENTAL). - Outgoing-only interfaces in configuration file. - Following DNAME if the synthetized name is in the same zone. - IXFR-in optimized. - Many zones loading optimized. - Signing SOA with TSIG queries when checking zone version with master. * Enable maintainer mode to generate version.texi as a workaround. -- Ondřej Surý Fri, 31 Aug 2012 16:27:07 +0200 knot (1.0.6-1) unstable; urgency=low * Imported Upstream version 1.0.6 - Add NSEC/NSEC3 for all wildcard CNAMEs in the response. - Fixed potential problems with RCU synchronization. -- Ondřej Surý Wed, 13 Jun 2012 15:31:52 +0200 knot (1.0.5-1) unstable; urgency=low * Imported Upstream version 1.0.5 - Fixed bug with creating journal files which didn't get merged by accident -- Ondřej Surý Thu, 17 May 2012 12:25:27 +0200 knot (1.0.4-1) unstable; urgency=low * Imported Upstream version 1.0.4 - Speed-up loading of many zones due parallelization - Support for TLSA resource record (Type 52) - New commands knotc checkzone and knotc refresh (forced update) - Fixed responses to CNAME queries if the canonical name was also an alias - Fixed crash when NS or MX points to an alias - Fixed crash when bootstraping/compiling a lot of zones - Significant speed-up and memory usage reduction of IXFR-in -- Ondřej Surý Wed, 16 May 2012 09:33:26 +0200 knot (1.0.3-1) unstable; urgency=low * Imported Upstream version 1.0.3 - Fixed bug in non-EDNS0 queries over TCP - Zone compilation time regression fixed -- Ondřej Surý Wed, 18 Apr 2012 09:06:57 +0200 knot (1.0.2-1) unstable; urgency=low * Imported Upstream version 1.0.2 - Bugfix release -- Ondřej Surý Fri, 13 Apr 2012 16:09:11 +0200 knot (1.0.1-1) unstable; urgency=low * Imported Upstream version 1.0.1 - Implemented jitter to REFRESH/RETRY timers - Fixed problem with creating IXFR journal for bootstrapped zone - Fixed race condition in processing NOTIFY/SOA queries - Fixed improper assignment of TSIG algorithm type -- Ondřej Surý Fri, 09 Mar 2012 20:18:37 +0100 knot (1.0.0-1) unstable; urgency=low * Imported Upstream version 1.0.0 * Update pidfile patch -- Ondřej Surý Wed, 29 Feb 2012 18:46:13 +0100 knot (1.0~rc1-1) unstable; urgency=low * Imported Upstream version 1.0~rc1 * Move knotd.pid to /var/run where it belongs -- Ondřej Surý Wed, 15 Feb 2012 21:12:56 +0100 knot (0.9.1-3) unstable; urgency=low * Install files into knot package (broken build after added debug package) -- Ondřej Surý Mon, 23 Jan 2012 15:01:42 +0100 knot (0.9.1-2) unstable; urgency=low * Build knot-dbg package with debug symbols -- Ondřej Surý Mon, 23 Jan 2012 13:27:20 +0100 knot (0.9.1-1) unstable; urgency=low * Imported Upstream version 0.9.1 + RRSet rotation functionality added + New pseudo-random number generator (new BSD licensed) + Fixed build on BSD + Fixes in parsing and dumping of some RR types * Add correct git-buildpackage configuration * Update copyright for new PRNG -- Ondřej Surý Sat, 21 Jan 2012 15:47:30 +0100 knot (0.9-1) unstable; urgency=low * Imported Upstream version 0.9 + Add TSIG support + Several smaller bugfixes * Add correct git-buildpackage configuration * Imported Upstream version 0.9.1 * Update copyright for new PRNG -- Ondřej Surý Sat, 21 Jan 2012 15:46:54 +0100 knot (0.8.1-1) unstable; urgency=low * Imported Upstream version 0.8.1 + Correctly handle SPF resource records + Fix wrong text dumping of unknown records. -- Ondřej Surý Thu, 01 Dec 2011 16:27:44 +0100 knot (0.8-1) unstable; urgency=low * Initial release (Closes: #647461) * Add some dependencies in the init.d script * Add flex and bison to b-d * Add versioned dependency on liburcu * Daemonize on the start * Update copyright file to include all licenses -- Ondřej Surý Wed, 16 Nov 2011 07:14:55 +0100