coredns-1.6.7-bp152.1.19

- Update to version 1.6.7:
  * Required by Kubernetes 1.18
  * make -f Makefile.doc (#3633)
  * Update date on notes (#3632)
  * Remove all shell presubmits (#3631)
  * presubmit tests (#3630)
  * presubmit: add whitespace test in go (#3629)
  * auto go mod tidy
  * build(deps): bump k8s.io/client-go from 0.17.1 to 0.17.2 (#3621)
  * auto go mod tidy
  * build(deps): bump github.com/aws/aws-sdk-go from 1.28.5 to 1.28.9 (#3625)
  * build(deps): bump github.com/prometheus/common from 0.7.0 to 0.9.1 (#3622)

- Update to version 1.6.5:
  * Required by Kubernetes 1.17
  * Three new plugins: kubernetes, foreward, file

- Update to version 1.6.2:
  * Required by Kubernetes 1.16
  * Three new plugins: azure, route53 and forward

- Fix summary of coredns-extras.

- Update to version 1.6.3:
  * Spelling corrections and other minor improvements and polish.
  * Two new plugins: clouddns and sign.
- Changed included from version 1.6.1:
  * Fix a panic in the hosts plugin.
  * The reload now detects changes in files imported from the main Corefile.
  * route53 increases the paging size when talking to the AWS API, this
    decreases the chances of getting throttled.
- Changed included from version 1.6.0:
  * The -cpu flag is removed from this version.
  * This release sports changes in the file plugin.
    A speed up in the log plugin and fixes in the cache and hosts plugins.
  * Upcoming deprecation: the kubernetes federation plugin will be moved to
    github.com/coredns/federation. This is likely to happen in CoreDNS 1.7.0.
- Changed included from version 1.5.2:
  * Small bugfixes and a change to Caddy’s import path
    (mholt/caddy -> caddyserver/caddy).
  * Doing a release helps plugins deal with the change better.
- Changed included from version 1.5.1:
  * Various bugfixes, better documentation and cleanups.
  * The -cpu flag is somewhat redundant (cgroups/systemd/GOMAXPROCS are better
    ways to deal with this) and we want to remove it; if you depend on it in
    some way please voice that in this PR otherwise we’ll remove it in the next
    release.
- Changed included from version 1.5.0:
  * Two new plugins in this release: grpc, and ready. And some polish and
    simplifications in the core server code.
  * The use of TIMEOUT and no_reload in file and auto have been fully deprecated.
    As is the proxy plugin.
  * And a update on two important and active bugs:
  - 2593 seems to hone in on Docker and/or the container environment being a
    contributing factor.
  - 2624 is because of TLS session negotiating in the forward plugin.
- Changed included from version 1.4.0:
  * Our first release after we became a graduated project in CNCF.
  * Deprecation notice for the next release:
  - auto will deprecate TIMEOUT and recommends the use of RELOAD (2516).
  - auto and file will deprecate NO_RELOAD and recommends the use of RELOAD
    set to 0 (2536).
  - health will revert back to report process level health without plugin status.
    A new ready plugin will make sure plugins have at least completed their
    startup sequence.
  - The proxy will be moved to an external repository and as such be
    deprecated from the default set of plugin; use the forward as a replacement.
  - The previous announced deprecations have been enacted.
  - The (unused) gRPC watch functionally was removed from the server.

- Add coredns-extras package to allow use of coredns in a non-containerized
  environment

- Remove systemd support, not needed on openSUSE Kubic
- Build with pie (security policy)

- Update to version 1.3.1:
  * log now allows multiple names to be specified
  * import was added to give it a README.md to make it’s documentation more discoverable
  * kubernetes TTL is also applied to negative responses (NXDOMAIN, etc)
- Changed included from version 1.3.0:
  * EDNS0 handling in the server and make it compliant with https://dnsflagday.net/
  * k8s_external a new plugin that allows external zones to point to Kubernetes in-cluster services.
  * rewrite fixes a bug where a rule would eat the first character of a name
  * log now supported the metadata labels. It also fixes a bug in the formatting of a plugin logging a info/failure/warning
  * forward removes the dynamic read timeout and uses a fixed value now.
  * kubernetes now checks if a zone transfer is allowed. Also allow a TTL of 0 to avoid caching in the cache plugin.

- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
  make the build dep chain cheaper by using systemd-mini.

- Update spec file BuildRequires golang(API) >= 1.11

- Trim bias and rhetorics from descriptions.
- Use a single %setup statement.

- Include source tarballs for each of the used golang packages created with
  _service.
  + beorn7-perks.tar.xz
  + golang-protobuf.tar.xz
  + matttproud-golang_protobuf_extensions.tar.xz
  + mholt-caddy.tar.xz
  + miekg-dns.tar.xz
  + prometheus-client_golang.tar.xz
  + prometheus-client_model.tar.xz
  + prometheus-common.tar.xz
  + prometheus-procfs.tar.xz
- Remove makearchive script, previously used to create a single source tarball.
  - makearchive.sh

- Initial package creation version 1.2.6

- Update to version 1.12.1:
  * core: Increase CNAME lookup limit from 7 to 10 (#7153)
  * plugin/kubernetes: Fix handling of pods having DeletionTimestamp set
  * plugin/kubernetes: Revert "only create PTR records for endpoints with
    hostname defined"
  * plugin/forward: added option failfast_all_unhealthy_upstreams to return
    servfail if all upstreams are down
  * bump dependencies, fixing bsc#1239294 and bsc#1239728
- dropped obscpio generation from _service

- Update to version 1.12.0:
  * New multisocket plugin - allows CoreDNS to listen on multiple sockets
  * bump deps

- Update to version 1.11.4:
  * forward plugin: new option next, to try alternate upstreams when receiving
    specified response codes upstreams on (functions like the external plugin
    alternate)
  * dnssec plugin: new option to load keys from AWS Secrets Manager
  * rewrite plugin: new option to revert EDNS0 option rewrites in responses

- Update to version 1.11.3+git129.387f34d:
  * fix CVE-2024-51744 (https://bugzilla.suse.com/show_bug.cgi?id=1232991)
    build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#6955)
  * core: set cache-control max-age as integer, not float (#6764)
  * Issue-6671: Fixed the order of plugins. (#6729)
  * `root`: explicit mark `dnssec` support (#6753)
  * feat: dnssec load keys from AWS Secrets Manager (#6618)
  * fuzzing: fix broken oss-fuzz build (#6880)
  * Replace k8s.io/utils/strings/slices by Go stdlib slices (#6863)
  * Update .go-version to 1.23.2 (#6920)
  * plugin/rewrite: Add "revert" parameter for EDNS0 options (#6893)
  * Added OpenSSF Scorecard Badge (#6738)
  * fix(cwd): Restored backwards compatibility of Current Workdir (#6731)
  * fix: plugin/auto: call OnShutdown() for each zone at its own OnShutdown() (#6705)
  * feature: log queue and buffer memory size configuration (#6591)
  * plugin/bind: add zone for link-local IPv6 instead of skipping (#6547)
  * only create PTR records for endpoints with hostname defined (#6898)
  * fix: reverter should execute the reversion in reversed order (#6872)
  * plugin/etcd: fix etcd connection leakage when reload (#6646)
  * kubernetes: Add useragent (#6484)
  * Update build (#6836)
  * Update grpc library use (#6826)
  * Bump go version from 1.21.11 to 1.21.12 (#6800)
  * Upgrade antonmedv/expr to expr-lang/expr (#6814)
  * hosts: add hostsfile as label for coredns_hosts_entries (#6801)
  * fix TestCorefile1 panic for nil handling (#6802)

- Update to version 1.11.3:
  * optimize the performance for high qps (#6767)
  * bump deps
  * Fix zone parser error handling (#6680)
  * Add alternate option to forward plugin (#6681)
  * fix: plugin/file: return error when parsing the file fails (#6699)
  * [fix:documentation] Clarify autopath README (#6750)
  * Fix outdated test (#6747)
  * Bump go version from 1.21.8 to 1.21.11 (#6755)
  * Generate zplugin.go correctly with third-party plugins (#6692)
  * dnstap: uses pointer receiver for small response writer (#6644)
  * chore: fix function name in comment (#6608)
  * [plugin/forward] Strip local zone from IPV6 nameservers (#6635)

- Update to upstream head (git commit #5a52707):
  * bump deps to address security issue CVE-2024-22189
  * Return RcodeServerFailure when DNS64 has no next plugin (#6590)
  * add plusserver to adopters (#6565)
  * Change the log flags to be a variable that can be set prior to calling Run (#6546)
  * Enable Prometheus native histograms (#6524)
  * forward: respect context (#6483)
  * add client labels to k8s plugin metadata (#6475)
  * fix broken link in webpage (#6488)
  * Repo controlled Go version (#6526)
  * removed the mutex locks with atomic bool (#6525)
- testsuite run during build (2 tests are skipped due to network requirement)
- note: 1.11.2 was briefly tagged/released and then revoked https://github.com/coredns/coredns/issues/6454

- Update to version 1.11.2:
  * bump dependencies
  * rewrite: fix multi request concurrency issue in cname rewrite  (#6407)
  * plugin/tls: respect the path specified by root plugin (#6138)
  * plugin/auto: warn when auto is unable to read elements of the directory tree (#6333)
  * fix: make the codeowners link relative (#6397)
  * plugin/etcd: the etcd client adds the DialKeepAliveTime parameter (#6351)
  * plugin/cache: key cache on Checking Disabled (CD) bit (#6354)
  * Use the correct root domain name in the proxy plugin's TestHealthX tests (#6395)
  * Add PITS Global Data Recovery Services as an adopter (#6304)
  * Handle UDP responses that overflow with TC bit with test case (#6277)
  * plugin/rewrite: add rcode as a rewrite option (#6204)
- Dropped patch fix-CVE-2024-0874.patch as already included in upstream

- Added patch fix-CVE-2024-0874.patch to fix CVE-2024-0874: coredns: CD bit response is cached and served later

- Update to version 1.11.1:
  * Revert “plugin/forward: Continue waiting after receiving malformed responses
  * plugin/dnstap: add support for “extra” field in payload
  * plugin/cache: fix keepttl parsing
- Update to version 1.11.0:
  * Adds support for accepting DNS connections over QUIC (doq).
  * Adds CNAME target rewrites to the rewrite plugin.
  * Plus many bug fixes, and some security improvements.
  * This release introduces the following backward incompatible changes:
  + In the kubernetes plugin, we have dropped support for watching Endpoint and Endpointslice v1beta,
    since all supported K8s versions now use Endpointslice.
  + The bufsize plugin changed its default size limit value to 1232
  + Some changes to forward plugin metrics.
- Update to version 1.10.1:
  * Corrected architecture labels in multi-arch image manifest
  * A new plugin timeouts that allows configuration of server listener timeout durations
  * acl can drop queries as an action
  * template supports creating responses with extended DNS errors
  * New weighted policy in loadbalance
  * Option to serve original record TTLs from cache

- Update to version 1.10.0:
  * core: add log listeners for k8s_event plugin (#5451)
  * core: log DoH HTTP server error logs in CoreDNS format (#5457)
  * core: warn when domain names are not in RFC1035 preferred syntax (#5414)
  * plugin/acl: add support for extended DNS errors (#5532)
  * plugin/bufsize: do not expand query UDP buffer size if already set to a smaller value (#5602)
  * plugin/cache: add cache disable option (#5540)
  * plugin/cache: add metadata for wildcard record responses (#5308)
  * plugin/cache: add option to adjust SERVFAIL response cache TTL (#5320)
  * plugin/cache: correct responses to Authenticated Data requests (#5191)
  * plugin/dnstap: add identity and version support for the dnstap plugin (#5555)
  * plugin/file: add metadata for wildcard record responses (#5308)
  * plugin/forward: enable multiple forward declarations (#5127)
  * plugin/forward: health_check needs to normalize a specified domain name (#5543)
  * plugin/forward: remove unused coredns_forward_sockets_open metric (#5431)
  * plugin/header: add support for query modification (#5556)
  * plugin/health: bypass proxy in self health check (#5401)
  * plugin/health: don't go lameduck when reloading (#5472)
  * plugin/k8s_external: add support for PTR requests (#5435)
  * plugin/k8s_external: resolve headless services (#5505)
  * plugin/kubernetes: make kubernetes client log in CoreDNS format (#5461)
  * plugin/ready: reset list of readiness plugins on startup (#5492)
  * plugin/rewrite: add PTR records to supported types (#5565)
  * plugin/rewrite: fix a crash in rewrite plugin when rule type is missing (#5459)
  * plugin/rewrite: fix out-of-index issue in rewrite plugin (#5462)
  * plugin/rewrite: support min and max TTL values (#5508)
  * plugin/trace : make zipkin HTTP reporter more configurable using Corefile (#5460)
  * plugin/trace: read trace context info from headers for DOH (#5439)
  * plugin/tsig: add new plugin TSIG for validating TSIG requests and signing responses (#4957)
  * core: update gopkg.in/yaml.v3 to fix CVE-2022-28948
  * core: update golang.org/x/crypto to fix CVE-2022-27191
  * plugin/acl: adding a check to parse out zone info
  * plugin/dnstap: support FQDN TCP endpoint
  * plugin/errors: add stacktrace option to log a stacktrace during panic recovery
  * plugin/template: return SERVFAIL for zone-match regex-no-match case

- Trim bias and rhetorics from descriptions.
- Use a single %setup statement.