Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

unbound.service.in: upgrade hardening to latest standards #512

Merged
merged 1 commit into from Jul 26, 2021
Merged

unbound.service.in: upgrade hardening to latest standards #512

merged 1 commit into from Jul 26, 2021

Conversation

ArchangeGabriel
Copy link
Contributor

Systemd gradually introduced new protection bits, let’s enable them.

This enhance the security score from 3.6 to 3.0. I’ve tested it on two systems, but definitively do not cover all cases, so further testing would be welcome.

Systemd gradually introduced new protection bits, let’s enable them.
@wcawijngaards wcawijngaards merged commit 1e17b8f into NLnetLabs:master Jul 26, 2021
wcawijngaards added a commit that referenced this pull request Jul 26, 2021
- Merge #512: unbound.service.in: upgrade hardening to latest
  standards.
@wcawijngaards
Copy link
Member

Thanks for the upgrade, committed the patch to the repository.

jedisct1 added a commit to jedisct1/unbound that referenced this pull request Jul 27, 2021
* nlnet/master:
  - Changelog entry for NLnetLabs#513: Stream reuse, attempt to fix NLnetLabs#411, NLnetLabs#439,   NLnetLabs#469.
  - Fix readzone unknown type print for memory resize.
  - Fix unittcpreuse.c: properly initialise outnet.
  - Remove redundant log_assert and fix error messages.
  - stream reuse, do not explicitly wait for a free pending_tcp if a reuse   could be used.
  Changelog note for NLnetLabs#512 - Merge NLnetLabs#512: unbound.service.in: upgrade hardening to latest   standards.
  unbound.service.in: upgrade hardening to latest standards
  - Add unittest for tcp_reuse functions.
  - stream reuse, move log_assert to the correct location.
  - stream reuse, clean links on structs that are unlinked from a list.
  - Fix for NLnetLabs#411, NLnetLabs#439, NLnetLabs#469: stream reuse, fix loop in the free   pending_tcp list.
  - Fix for NLnetLabs#411, NLnetLabs#439, NLnetLabs#469: stream reuse, fix outnet deletion for all   non-free pending_tcp.
  - Fix for NLnetLabs#411, NLnetLabs#439, NLnetLabs#469: stream reuse, fix LRU list when reuse is   already in the tree.
  - Fix for NLnetLabs#411, NLnetLabs#439, NLnetLabs#469: stream reuse, fix linking when touching the   tcp_reuse LRU list.
  - More log_assert for stream reuse operations.
  - Fix that ldns_zone_new_frm_fp_l counts the line number for an empty   line after a comment.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants