2022-04-12 13:41:18 +02:00
|
|
|
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
|
|
..
|
|
|
|
.. SPDX-License-Identifier: MPL-2.0
|
|
|
|
..
|
|
|
|
.. This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
.. License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
|
|
..
|
|
|
|
.. See the COPYRIGHT file distributed with this work for additional
|
|
|
|
.. information regarding copyright ownership.
|
|
|
|
|
2022-09-09 19:56:43 +02:00
|
|
|
Notes for BIND 9.19.6
|
2022-04-12 13:41:18 +02:00
|
|
|
---------------------
|
|
|
|
|
|
|
|
Security Fixes
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
- None.
|
|
|
|
|
|
|
|
Known Issues
|
|
|
|
~~~~~~~~~~~~
|
|
|
|
|
|
|
|
- None.
|
|
|
|
|
|
|
|
New Features
|
|
|
|
~~~~~~~~~~~~
|
|
|
|
|
2022-09-09 19:56:43 +02:00
|
|
|
- None.
|
2022-05-03 09:28:26 +00:00
|
|
|
|
2020-11-24 10:44:40 +11:00
|
|
|
- A new configuration option ``require-cookie`` has been introduced, it
|
|
|
|
specifies if there should be a DNS COOKIE in the response for a given
|
|
|
|
prefix and if not named falls back to TCP. This is useful if you know
|
|
|
|
a given server support DNS COOKIE. It can also be used to force all
|
|
|
|
non DNS COOKIE responses to fall back to TCP. :gl:`#2295`
|
|
|
|
|
2021-10-21 10:02:45 +02:00
|
|
|
- Add libsystemd sd_notify() integration that allows the ``named`` to report
|
|
|
|
status to the supervisor. This allows the systemd to wait until ``named`` is
|
|
|
|
fully started before starting other services that depend on name resolution.
|
|
|
|
:gl:`#1176`
|
|
|
|
|
2022-09-21 15:15:26 +00:00
|
|
|
- The ``nsupdate`` tool now supports DNS-over-TLS (DoT). :gl:`#1781`
|
|
|
|
|
2022-09-28 09:01:39 +00:00
|
|
|
- :iscman:``named`` now supports forwarding Dynamic DNS updates through
|
|
|
|
DNS-over-TLS (DoT), configured with a TLS-enabled primary server. :gl:`#3512`
|
|
|
|
|
2022-09-27 15:13:13 +02:00
|
|
|
- :iscman:`named` now logs the supported cryptographic algorithms during
|
|
|
|
startup and in the output of :option:`named -V`. :gl:`#3541`
|
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Removed Features
|
|
|
|
~~~~~~~~~~~~~~~~
|
|
|
|
|
2022-07-11 08:49:38 +02:00
|
|
|
- None.
|
2022-04-12 13:41:18 +02:00
|
|
|
|
|
|
|
Feature Changes
|
|
|
|
~~~~~~~~~~~~~~~
|
|
|
|
|
2022-08-16 16:02:45 +01:00
|
|
|
- When an international domain name is not valid according to IDNA2008,
|
|
|
|
:program:`dig` will now try to convert it according to IDNA2003 rules,
|
|
|
|
or pass it through unchanged, instead of stopping with an error message.
|
|
|
|
You can use the ``idna2`` utility for checking IDNA syntax. :gl:`#3485`.
|
2022-08-26 12:28:10 +02:00
|
|
|
|
2022-09-08 10:01:25 +10:00
|
|
|
- The DNSSEC signing data included in zone statistics identified
|
|
|
|
keys only by the key ID; this caused confusion when two keys using
|
|
|
|
different algorithms had the same ID. Zone statistics now identify
|
|
|
|
keys using the algorithm number, followed by "+", followed by the
|
|
|
|
key ID: for example, "8+54274". :gl:`#3525`
|
|
|
|
|
2022-09-14 12:53:42 +10:00
|
|
|
- The ability to use pkcs11 via engine_pkcs11 has been restored, by only using
|
|
|
|
deprecated APIs in OpenSSL 3.0.0. BIND needs to be compiled
|
|
|
|
with '-DOPENSSL_API_COMPAT=10100' specified in the CFLAGS at
|
|
|
|
compile time. :gl:`!6711`
|
|
|
|
|
2022-09-27 14:16:17 +02:00
|
|
|
- Compiling BIND 9 now requires at least libuv version 1.34.0 or higher. The
|
|
|
|
libuv should be available on all supported platforms either as a native
|
|
|
|
package or as a backport. :gl:`#3567`
|
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Bug Fixes
|
|
|
|
~~~~~~~~~
|
|
|
|
|
2022-09-09 10:48:13 +02:00
|
|
|
- An assertion failure was fixed in ``named`` that was caused by aborting the statistics
|
|
|
|
channel connection while sending statistics data to the client. :gl:`#3542`
|
2022-09-22 14:03:17 +02:00
|
|
|
|
|
|
|
- :iscman:`named` could incorrectly return non-truncated, glueless
|
|
|
|
referrals for responses whose size was close to the UDP packet size
|
|
|
|
limit. :gl:`#1967`
|
2022-09-23 17:53:08 +10:00
|
|
|
|
|
|
|
- Changing just the TSIG key names for primaries in catalog zones' member
|
|
|
|
zones was not effective. :gl:`#3557`
|
|
|
|
|