NEWS

Unbound 1.7.1 released

Unbound 1.7.1 released

This version has the root key sentinel implemented and supports DNS-over-TLS authentication.
Benno Overeinder appointed DNSOP co-chair

Benno Overeinder appointed DNSOP co-chair

In the IETF, the DNS Operations (DNSOP) Working Group serves as the shepherd of the DNS protocols. It develops guidelines for the operation of DNS software and services as well as the operation of...
New website launch

New website launch

We are proud to launch a brand new website for NLnet Labs, with a sleek new logo and fresh content. Our new home offers a comprehensive overview of the projects we maintain, as well as the...
Unbound 1.7.0 released

Unbound 1.7.0 released

This version introduces Authority zones (RFC 7706) and Aggressive NSEC (RFC 8198).
NSD 4.1.20 released

NSD 4.1.20 released

This version is a bug fix release intended to close two memory leaks.
Net::DNS 1.15 released

Net::DNS 1.15 released

This release has no bugs resolved nor any new features. Besides some minor code maintenance, this release only adds a Change notice to formalize the retirement of the GOST R 34.11-94 hash...
The peculiar case of NSEC processing using expanded wildcard records

The peculiar case of NSEC processing using expanded wildcard records

We discovered a vulnerability in the processing of wildcard synthesized NSEC records. The result was Unbound, Google public DNS, PowerDNS and Dnsmasq contained a flaw that made it possible to...
Bringing DNS Security and Privacy to the End User

Bringing DNS Security and Privacy to the End User

How the getdns API project helps to achieve the goal of DNSSEC validation and DANE authentication at the end-points. Related links: Blog post
Unbound 1.6.8 released

Unbound 1.6.8 released

Unbound 1.6.8 fixes CVE-2017-15105: vulnerability in the processing of wildcard synthesized NSEC records. Related links: Unbound project page Direct Download Changes