unbound: Vendor import 1.20.0

Release notes at
https://www.nlnetlabs.nl/news/2024/May/08/unbound-1.20.0-released/

Security: The DNSBomb vulnerability CVE-2024-33655

Merge commit 'c2a80056864d6eda0398fd127dc0ae515b39752b' into main

unbound: Vendor import 1.18.0

Release notes at
https://www.nlnetlabs.nl/news/2023/Aug/30/unbound-1.18.0-released/

MFC after: 2 weeks

Merge commit '401770e05c71ecb5ae61a59d316069b4b78bf622' into main

unbound: Vendor import 1.17.1

Release notes at
https://www.nlnetlabs.nl/news/2023/Jan/12/unbound-1.17.1-released/.

MFC after: 1 month

Merge commit '7699e1386a16236002b26107ffd2dcbde375e197' into main

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.2

Security update to unbound.

PR: 265645
Security: CVE-2022-30698, CVE-2022-30699
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFC after: 3 days

Merge commit '9b76d32f2310b735dbeb896cbf2776cad61f23e8' into main

unbound: Vendor import 1.16.1

Merge commit 'd57351465531b38689892ec862de2725b52842dd' into unbound/main2

MFC after: 1 month

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.18.0

Release notes at
https://www.nlnetlabs.nl/news/2023/Aug/30/unbound-1.18.0-released/

MFC after: 2 weeks

Merge commit '401770e05c71ecb5ae61a59d316069b4b78bf622' into main

unbound: Vendor import 1.17.1

Release notes at
https://www.nlnetlabs.nl/news/2023/Jan/12/unbound-1.17.1-released/.

MFC after: 1 month

Merge commit '7699e1386a16236002b26107ffd2dcbde375e197' into main

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.2

Security update to unbound.

PR: 265645
Security: CVE-2022-30698, CVE-2022-30699
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFC after: 3 days

Merge commit '9b76d32f2310b735dbeb896cbf2776cad61f23e8' into main

unbound: Vendor import 1.16.1

Merge commit 'd57351465531b38689892ec862de2725b52842dd' into unbound/main2

MFC after: 1 month

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.17.1

Release notes at
https://www.nlnetlabs.nl/news/2023/Jan/12/unbound-1.17.1-released/.

MFC after: 1 month

Merge commit '7699e1386a16236002b26107ffd2dcbde375e197' into main

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.2

Security update to unbound.

PR: 265645
Security: CVE-2022-30698, CVE-2022-30699
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFC after: 3 days

Merge commit '9b76d32f2310b735dbeb896cbf2776cad61f23e8' into main

unbound: Vendor import 1.16.1

Merge commit 'd57351465531b38689892ec862de2725b52842dd' into unbound/main2

MFC after: 1 month

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.16.3

Fixes CVE-2022-3204 'Non-Responsive Delegation Attack'.

MFC after: 3 days
Security: CVE-2022-3204
Security: https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
Changelog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Merge commit '0dde6f4f8e604df8c6fbdab8b4aadb5ddf80c76f' into unbound/main

unbound: Vendor import 1.16.2

Security update to unbound.

PR: 265645
Security: CVE-2022-30698, CVE-2022-30699
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFC after: 3 days

Merge commit '9b76d32f2310b735dbeb896cbf2776cad61f23e8' into main

unbound: Vendor import 1.16.1

Merge commit 'd57351465531b38689892ec862de2725b52842dd' into unbound/main2

MFC after: 1 month

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.16.2

Security update to unbound.

PR: 265645
Security: CVE-2022-30698, CVE-2022-30699
Security: bc43a578-14ec-11ed-856e-d4c9ef517024
MFC after: 3 days

Merge commit '9b76d32f2310b735dbeb896cbf2776cad61f23e8' into main

unbound: Vendor import 1.16.1

Merge commit 'd57351465531b38689892ec862de2725b52842dd' into unbound/main2

MFC after: 1 month

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.16.1

Merge commit 'd57351465531b38689892ec862de2725b52842dd' into unbound/main2

MFC after: 1 month

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.16.0

Merge commit '5f9f82264b91e041df7cba2406625146e7268ce4' into main

MFC after: 1 month

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbount: Vendor import 1.14.0rc1

This vendor import was requested by glebius@ as it should fix unbound
crashes.

Reported by: glebius
MFC after: 1 week

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.

unbound: Vendor import 1.13.2

Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'

MFC after: 1 month

MFV 364468:

Update unbound 1.10.1 --> 1.11.0.

MFH: 1 month

MFV r361322:

Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.

Reported by: emaste
MFC after: 3 days
Relnotes: yes
Security: CVE-2020-12662, CVE-2020-12663

Upgrade Unbound to 1.9.2.

Upgrade Unbound to 1.8.0. More to follow.

Approved by: re (kib)

Upgrade Unbound to 1.7.2. More to follow.

Approved by: re (kib@)

Upgrade Unbound to 1.7.1.

Upgrade Unbound to 1.7.0. More to follow.

Upgrade Unbound to 1.6.1. More to follow.

Upgrade Unbound to 1.6.0. More to follow.

Upgrade to Unbound 1.5.10.

Upgrade to Unbound 1.5.9.

Upgrade to Unbound 1.5.7.

Upgrade to Unbound 1.5.4.

Upgrade Unbound to 1.5.3.

Upgrade to Unbound 1.5.1. Almost all our local changes to date have been
adopted upstream, greatly reducing the diff.

Upgrade to latest ldns (1.6.17) and unbound (1.4.22).

MFC after: 3 weeks

Upgrade to 1.4.20.

Minimal subset of the unbound sources.