Unbound updated to 1.4.14
-
Please update your package to 1.4.14_00 it has various fixed and this version addresses CVE-2011-4528 (http://www.unbound.net/downloads/CVE-2011-4528.txt).
Once again let me know if you have any configuration problems. -
wagonza,
the package is not online:
Beginning package installation for Unbound…
Downloading package configuration file... done.
Saving updated package information... done.
Downloading Unbound and its dependencies...
Checking for package installation...
Downloading http://files.pfsense.org/packages/8/All/unbound-1.4.14.tbz ... could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/i386/packages-8.1-release/All/unbound-1.4.14.tbz.
of unbound-1.4.14 failed!Installation aborted.Backing up libraries...
Removing package...
Starting package deletion for unbound-1.4.14...done.
Starting package deletion for ldns-1.6.11...done.
Starting package deletion for expat-2.0.1_2...done.
Skipping package deletion for libevent-1.4.14b_2 because it is a dependency.
Removing Unbound components...
Tabs items... done.
Menu items... done.
Services... done.
Loading package instructions...
Include file unbound.inc could not be found for inclusion.
Deinstall commands...
Not executing custom deinstall hook because an include is missing.
Removing package instructions...done.
Auxiliary files... done.
Package XML... done.
Configuration... done.
Cleaning up... Failed to install package.Installation halted.
-
yeah hang 5…
-
Roger :)
-
The pkg builder is busy building the package, so it will take some time before 1.4.14 is available - so in the interim wait a couple of hours before updating/install the latest unbound.
-
Still broken :(
-
Yes, both links are still down.
-
WoW this one really did a number on my setup… the link still down :(
-
ouch. DNS Forwarder?
There was a problem on the package builder which jimp fixed. The builder is currently building and has been for the last 3 hours or so. So hopefully it will be finished soon. -
Thanks wagonza. I do have dns forwarder enable it was the rules and configuration for other systems base on the dns that I relay on unbound.
Thanks I am here waiting.
:) -
Ahh ok. It is there now so you can update and then at the same time update to 2.0.1 :)
-
Ahh ok. It is there now so you can update and then at the same time update to 2.0.1 :)
Well very nice!
One thing to notice… the same issue that I had the first time around is now back.... unbound is making the system time out when cheeking for updates and or packages....
I for got last times fix...
Any ideas?
Thanks :)
-
A reboot took care of it :)
Thanks!!!!!
:D -
Cool - good to hear. Please let me know if you have find any bugs.
-
hmmm
So I updated, looked like everything when good – but
; <<>> DiG 9.8.1-P1 <<>> chaos version.bind txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56752
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:
;version.bind. CH TXT;; ANSWER SECTION:
version.bind. 0 CH TXT "unbound 1.4.12";; Query time: 5 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Wed Dec 21 08:58:33 2011
;; MSG SIZE rcvd: 57Why is it showing 1.4.12??
So I did a complete removal -- and then reinstall, and still showing 1.4.12, shouldn't it be 1.4.14??
great -- so looking with pkg_info notice showing 3 older versions of ubound, .8, .10 and .12 -- so I removed them all with pkg_delete. Figured would force download of package which it did not seem like it was doing. Now its not downloading package even with full removal of package. And now can not get unbound to start. How do I force the download of the package, or where can I manually download it?
ok manually found it here
http://files.pfsense.org/packages/8/All/unbound-1.4.14.tbzBut got these errors when installed it.
pkg_add: warning: package 'unbound-1.4.14' requires 'expat-2.0.1_2', but 'expat-2.0.1_1' is installed
pkg_add: warning: package 'unbound-1.4.14' requires 'ldns-1.6.11', but 'ldns-1.6.10' is installed
pkg_add: warning: package 'unbound-1.4.14' requires 'libevent-1.4.14b_2', but 'libevent-1.4.14b_1' is installed -
1.4.14 had new dependancies. As to why all the previous versions were still hanging around I cant say. Will fire up an old VM here that has an outdated version and see if I can replicate.
-
You can try to remove it's packages with pkg_del but be carefull with package dependencies.
After removing it, reinstall package.
-
Yeah I could force a delete of the old packages and then install the current ones, but as you mention doesn't that break dependencies?
How are you suppose to correctly update these packages? So that you maintain dependencies?
I have the 1.4.14 installed and it seems to be working with the old packages, but something is broke if the the other packages don't get updated as well if you ask me.
And even when I removed the old unbound packages, using the package manager in pfsense did not seem to download the current unbound package I had to manually install it with pkg_add -r url
edit:
hmmm, take it back that everything is working.. Does not seem to want to listen on loopback for ipv4 or ipv6.. I have unchecked the interface saved, and rechecked and then saved and then restarted and only listening on 127.0.0.1 for control on port 953.Looks like going to have to manually edit config to get it to work, or use advanced options?
Ok if just pick loopback it listens on loopback, but if pick both interfaces lan and loopback it only listens on lan
-
Yeah I could force a delete of the old packages and then install the current ones, but as you mention doesn't that break dependencies?
When you try to delete some package that has dependencies, freebsd lists you dependecies and abort pkg_delete.
-
yeah I agree so how do you update expat-2.0.1_1 to expat-2.0.1_2
if you force delete of expat-2.0.1_1, don't you break dependencies so even if you install expat-2.0.1_2 the dependencies are broken, so then I could delete expat-2.0.1_2 without warning that others depend on it, etc.
Same goes for the other 2 packages that 1.4.14 wants newer versions of.
edit: btw I got it to listen on loopback by manual edit of /usr/local/etc/unbound/unbound.conf and then restart of services.
Now its bound to both lan ipv4 and v6 and loopback ipv4 and v6
tcp6 0 0 ::1.53 . LISTEN
tcp4 0 0 127.0.0.1.53 . LISTEN
tcp6 0 0 2001:470:xxxx:b8.53 . LISTEN
tcp4 0 0 192.168.1.253.53 . LISTENudp6 0 0 ::1.53 .
udp4 0 0 127.0.0.1.53 .
udp6 0 0 2001:470:xxxx:b8.53 .
udp4 0 0 192.168.1.253.53 .But using the unbound gui to listen on both lan and loopback does not seem to work
