[getdns-users] dnsovertls*.sinodun.com servers being retired this week (9th Sept)

Sara Dickinson sara at sinodun.com
Mon Sep 5 09:53:51 UTC 2022 

Hi All,

As previously announced the dnsovertls*.sinodun.com servers are being retired and will be taken off-line at the end of this week (9th Sept). Our thanks go to Surfnet for hosting these servers for the project for many years!

The latest example Stubby config file at:
https://github.com/getdnsapi/stubby/blob/master/stubby.yml.example
supplied with the 0.4.2 release contains updated configuration which has these servers removed and the getdnsapi.net server as the only default server. If you are not already using the latest config file, please update your config to remove the dnsovertls*.sinodun.com servers and we highly recommend that you add additional default servers. See the alternative servers provided in the latest config file and also details at https://dnsprivacy.org/public_resolvers and https://dnsprivacy.org/test_servers

Best regards

Sara.

> On 19 Aug 2022, at 19:55, Willem Toorop via Users <users at lists.getdnsapi.net> wrote:
> 
> Signed PGP part
> Dear all,
> 
> We have a new 1.7.2 quickfix release of getdns. Version 1.7.1. contained a version of Stubby that would fail to start with config files missing the new log_level setting. The version 0.4.2 of Stubby included in this version has this resolved. Compared to version 1.7.0 and Stubby version 0.4.0 this is mostly a bugfix release with most prominently a fix for a crash that occured when looking up and DNSSEC validating certain RR types.
> 
> This release has a Stubby version 0.4.2 included with updated upstreams servers in the example stubby.yml config file.
> 
> NOTE! The dnsovertls*.sinodun.com servers will retire later this month so we strongly encourage you to update the config file with the new default upstream servers and choose (uncomment) some additional servers from the list available. The getdnsapi.net server is the only default resolver left and is a single point of failure in your setup if no other resolvers are chosen.
> 
> 
> link  : https://getdnsapi.net/dist/getdns-1.7.2.tar.gz
> pgp   : https://getdnsapi.net/dist/getdns-1.7.2.tar.gz.asc
> sha256: db89fd2a940000e03ecf48d0232b4532e5f0602e80b592be406fd57ad76fdd17
> 
> web   : https://getdnsapi.net/releases/getdns-1-7-2/
> github: https://github.com/getdnsapi/getdns/releases/tag/v1.7.2
> 
> 
> ChangeLog
> =========
> * 2022-08-19: Version 1.7.2
>  * Stubby updated to 0.4.2 quickfix release
> 
> * 2022-08-19: Version 1.7.1
>  * Always send the `dot` ALPN when using DoT
>  * Strengthen version determination for Libidn2 during cmake processing
>    (thanks jpbion).
>  * Fix for issue in UDP stream selection in case of timeouts.
>    Thanks Shikha Sharma
>  * Fix using asterisk in ipstr for any address. Thanks uzlonewolf.
>  * Issue stubby#295: rdata not correctly written for validation for
>    certain RR type. Also, set default built type to RelWithDebInfo and
>    expose CFLAGS via GETDNS_BUILD_CFLAGS define and via
>    getdns_context_get_api_information()
>  * Issue #524: Bug fixes from submodules' upstream?
>    Thanks Johnnyslee
>  * Issue #517: Allow Absolute path CMAKE_INSTALL_{INCLUDE,LIB}DIR in
>    pkg-config files. Thanks Alex Shpilkin
>  * Issue #512: Update README.md to show correct PGP key location.
>    Thanks Katze Prior.
> 
> Stubby ChangeLog
> ================
> * 2022-08-19: version 0.4.2
>  * Fix Issue #320: Stubby doesn't start without "log_level"
>    entry. Thanks Johnny S. Lee
> 
> * 2022-08-19: Version 0.4.1
>  * Several updates to the servers in the config file:
>     * sinodun.dnsovertls*.com servers are removed and will be
>       decommissioned in the near future. This leaves only the
>       getdnsapi.net server as the default.
>       A recommendation is made that users choose additional servers
>       from the list available.
>     * Additional Quad9 servers added (thanks pataquets).
>     * LDN servers removed as the service is now stopped.
>     * Tidy up of remaining server data.
>     * Change `comment` lines on Uncensored server data to more clearly
>       be comments (not valid YAML)
>     * Fix and improve descriptions of default values
>     * getdnsapi.net DoT servers liston on port 443 now too
>  * Fixes for parsing of quoted key values for `tls-ca-file`,
>    `tls-curves-list` and `resolvconf`
>  * Add Dockerfile into `contrib` - thanks to pataquets.
>  * Strengthen version checking for LibIDN2 during the cmake step so
>    LibIDN2 version 2.3.3 can be properly found (thanks jpbion).
>  * Updated systemd/stubby.service file. Thanks Bruno Pagani
>  * log level configurable in config file with log_level setting
>    Command line setting (with -v or -l) overrules the config file
>    setting
> <OpenPGP_0xE5F8F8212F77A498.asc>
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.getdnsapi.net/pipermail/users/attachments/20220905/c428a755/attachment.bin>

More information about the Users mailing list