Unclaimed project
Are you a maintainer of unbound? Claim this project to take control of your public changelog and roadmap.
Changelog
Unbound is a validating, recursive, and caching DNS resolver.
Last updated 30 days ago
Display and control your Android device
The fastest path to AI-powered full stack observability, even for lean teams.
For developers, who are building real-time data-driven applications, Redis is the preferred, fastest, and most feature-rich cache, data structure server, and document and vector query engine.
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
This security release has additional fixes for CVE-2025-11411.
Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone.
The CVE is described here https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt
Unbound 1.24.1 included a fix that scrubs unsolicited NS RRSets (and their respec...
This security release fixes CVE-2025-11411.
Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone.
The CVE is described here https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt
We would like to thank Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua University f...
Unbound 1.24.0
This release features increased defaults, num.valops statistic, unbound-control cache_lookup, and bug fixes.
The default value increase for num-queries-per-thread is to make saturation of the task queue more resource intensive and less practical. Thanks to Shiming Liu, Network and Information Security Lab, Tsinghua University for the report.
The default value increase f...
This security release fixes the Rebirthday Attack CVE-2025-5994.
This re-opens up resolvers to a birthday paradox, for EDNS client subnet servers that respond with non-ECS answers. It only affects Unbound when compiled with --enable-subnet, and subnetmod is enabled with config options that send ECS information to upstream servers.
The CVE is described here https://nlnetlabs.nl/downloads/...
Unbound 1.23.0
This release features changed defaults, fast reload, redis replica, DNS Error Reporting, and bug fixes.
The fast reload is a feature that is listed as experimental. With
unbound-control fast_reload the server can read the new config in
a thread, and when done only briefly pauses the server to update the
settings. This uses double memory, for like zones from disk or confi...