2017-09-12 00:26:30 +00:00
|
|
|
<!--
|
|
|
|
|
-
|
|
|
|
|
- This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
- License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
|
-->
|
|
|
|
|
<html>
|
|
|
|
|
<head>
|
|
|
|
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
|
|
|
|
|
<title></title>
|
|
|
|
|
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
|
|
|
|
|
</head>
|
|
|
|
|
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article">
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
|
2017-12-15 01:08:34 +00:00
|
|
|
<a name="id-1.2"></a>Release Notes for BIND Version 9.13.0-dev</h2></div></div></div>
|
2017-09-12 00:26:30 +00:00
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
|
|
|
<a name="relnotes_intro"></a>Introduction</h3></div></div></div>
|
|
|
|
|
<p>
|
2017-12-16 01:09:51 +00:00
|
|
|
BIND 9.13 is unstable development release of BIND.
|
2017-09-12 00:26:30 +00:00
|
|
|
This document summarizes new features and functional changes that
|
|
|
|
|
have been introduced on this branch. With each development
|
2017-12-16 01:09:51 +00:00
|
|
|
release leading up to the stable BIND 9.14 release, this document
|
2017-09-12 00:26:30 +00:00
|
|
|
will be updated with additional features added and bugs fixed.
|
|
|
|
|
</p>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
|
|
|
<a name="relnotes_download"></a>Download</h3></div></div></div>
|
|
|
|
|
<p>
|
|
|
|
|
The latest versions of BIND 9 software can always be found at
|
|
|
|
|
<a class="link" href="http://www.isc.org/downloads/" target="_top">http://www.isc.org/downloads/</a>.
|
|
|
|
|
There you will find additional information about each release,
|
|
|
|
|
source code, and pre-compiled versions for Microsoft Windows
|
|
|
|
|
operating systems.
|
|
|
|
|
</p>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
|
|
|
<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
|
2018-02-08 01:11:20 +00:00
|
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
|
|
|
|
|
<li class="listitem">
|
2017-09-12 00:26:30 +00:00
|
|
|
<p>
|
2018-01-05 01:08:34 +00:00
|
|
|
Addresses could be referenced after being freed during resolver
|
|
|
|
|
processing, causing an assertion failure. The chances of this
|
|
|
|
|
happening were remote, but the introduction of a delay in
|
|
|
|
|
resolution increased them. This bug is disclosed in
|
|
|
|
|
CVE-2017-3145. [RT #46839]
|
2017-09-12 00:26:30 +00:00
|
|
|
</p>
|
2018-02-08 01:11:20 +00:00
|
|
|
</li>
|
|
|
|
|
<li class="listitem">
|
|
|
|
|
<p>
|
|
|
|
|
update-policy rules that otherwise ignore the name field now
|
|
|
|
|
require that it be set to "." to ensure that any type list
|
|
|
|
|
present is properly interpreted. If the name field was omitted
|
|
|
|
|
from the rule declaration and a type list was present it wouldn't
|
|
|
|
|
be interpreted as expected.
|
|
|
|
|
</p>
|
|
|
|
|
</li>
|
|
|
|
|
</ul></div>
|
2017-09-12 00:26:30 +00:00
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
|
|
|
<a name="relnotes_features"></a>New Features</h3></div></div></div>
|
2017-12-16 01:09:51 +00:00
|
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
|
2017-10-28 01:12:35 +00:00
|
|
|
<p>
|
2017-12-16 01:09:51 +00:00
|
|
|
None.
|
2017-10-25 01:08:58 +00:00
|
|
|
</p>
|
2017-12-16 01:09:51 +00:00
|
|
|
</li></ul></div>
|
2017-10-17 01:08:55 +00:00
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
2018-01-20 01:10:44 +00:00
|
|
|
<a name="relnotes_removed"></a>Removed Features</h3></div></div></div>
|
|
|
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
|
|
|
|
|
<p>
|
|
|
|
|
<span class="command"><strong>dnssec-keygen</strong></span> can no longer generate HMAC
|
|
|
|
|
keys for TSIG authentication. Use <span class="command"><strong>tsig-keygen</strong></span>
|
|
|
|
|
to generate these keys. [RT #46404]
|
|
|
|
|
</p>
|
|
|
|
|
</li></ul></div>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
2017-12-16 01:09:51 +00:00
|
|
|
<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
|
2018-02-19 01:09:05 +00:00
|
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
|
|
|
|
|
<li class="listitem">
|
2017-09-12 00:26:30 +00:00
|
|
|
<p>
|
2017-12-16 01:09:51 +00:00
|
|
|
Zone types <span class="command"><strong>primary</strong></span> and
|
|
|
|
|
<span class="command"><strong>secondary</strong></span> are now available as synonyms for
|
|
|
|
|
<span class="command"><strong>master</strong></span> and <span class="command"><strong>slave</strong></span>,
|
|
|
|
|
respectively, in <code class="filename">named.conf</code>.
|
2017-09-12 00:26:30 +00:00
|
|
|
</p>
|
2018-02-19 01:09:05 +00:00
|
|
|
</li>
|
|
|
|
|
<li class="listitem">
|
|
|
|
|
<p>
|
|
|
|
|
<span class="command"><strong>named</strong></span> will now log a warning if the old
|
|
|
|
|
root DNSSEC key is explicitly configured and has not been updated.
|
|
|
|
|
[RT #43670]
|
|
|
|
|
</p>
|
|
|
|
|
</li>
|
|
|
|
|
</ul></div>
|
2017-09-12 00:26:30 +00:00
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
2017-12-16 01:09:51 +00:00
|
|
|
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
|
2018-02-03 01:11:31 +00:00
|
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
|
|
|
|
|
<li class="listitem">
|
|
|
|
|
<p>
|
|
|
|
|
When answering authoritative queries, <span class="command"><strong>named</strong></span>
|
|
|
|
|
does not return the target of a cross-zone CNAME between two
|
|
|
|
|
locally served zones; this prevents accidental cache poisoning.
|
|
|
|
|
This same restriction was incorrectly applied to recursive
|
|
|
|
|
queries as well; this has been fixed. [RT #47078]
|
|
|
|
|
</p>
|
|
|
|
|
</li>
|
|
|
|
|
<li class="listitem">
|
2017-10-26 01:09:30 +00:00
|
|
|
<p>
|
2018-01-05 01:08:34 +00:00
|
|
|
Attempting to validate improperly unsigned CNAME responses
|
|
|
|
|
from secure zones could cause a validator loop. This caused
|
|
|
|
|
a delay in returning SERVFAIL and also increased the chances
|
|
|
|
|
of encountering the crash bug described in CVE-2017-3145.
|
|
|
|
|
[RT #46839]
|
2017-10-26 01:09:30 +00:00
|
|
|
</p>
|
2018-02-03 01:11:31 +00:00
|
|
|
</li>
|
|
|
|
|
</ul></div>
|
2017-09-12 00:26:30 +00:00
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
2017-12-16 01:09:51 +00:00
|
|
|
<a name="relnotes_license"></a>License</h3></div></div></div>
|
|
|
|
|
<p>
|
|
|
|
|
BIND is open source software licenced under the terms of the Mozilla
|
|
|
|
|
Public License, version 2.0 (see the <code class="filename">LICENSE</code>
|
|
|
|
|
file for the full text).
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
The license requires that if you make changes to BIND and distribute
|
|
|
|
|
them outside your organization, those changes must be published under
|
|
|
|
|
the same license. It does not require that you publish or disclose
|
|
|
|
|
anything other than the changes you have made to our software. This
|
|
|
|
|
requirement does not affect anyone who is using BIND, with or without
|
|
|
|
|
modifications, without redistributing it, nor anyone redistributing
|
|
|
|
|
BIND without changes.
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
Those wishing to discuss license compliance may contact ISC at
|
|
|
|
|
<a class="link" href="https://www.isc.org/mission/contact/" target="_top">
|
|
|
|
|
https://www.isc.org/mission/contact/</a>.
|
|
|
|
|
</p>
|
2017-09-12 00:26:30 +00:00
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
|
|
|
<a name="end_of_life"></a>End of Life</h3></div></div></div>
|
|
|
|
|
<p>
|
2017-12-16 01:09:51 +00:00
|
|
|
BIND 9.13 is an unstable development branch. When its development
|
|
|
|
|
is complete, it will be renamed to BIND 9.14, which will be a
|
|
|
|
|
stable branch.
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
The end of life date for BIND 9.14 has not yet been determined.
|
|
|
|
|
For those needing long term support, the current Extended Support
|
|
|
|
|
Version (ESV) is BIND 9.11, which will be supported until December
|
|
|
|
|
2021. See
|
2017-09-12 00:26:30 +00:00
|
|
|
<a class="link" href="https://www.isc.org/downloads/software-support-policy/" target="_top">https://www.isc.org/downloads/software-support-policy/</a>
|
2017-12-16 01:09:51 +00:00
|
|
|
for details of ISC's software support policy.
|
2017-09-12 00:26:30 +00:00
|
|
|
</p>
|
|
|
|
|
</div>
|
2017-12-16 01:09:51 +00:00
|
|
|
|
2017-09-12 00:26:30 +00:00
|
|
|
<div class="section">
|
|
|
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
|
|
|
<a name="relnotes_thanks"></a>Thank You</h3></div></div></div>
|
|
|
|
|
<p>
|
|
|
|
|
Thank you to everyone who assisted us in making this release possible.
|
|
|
|
|
If you would like to contribute to ISC to assist us in continuing to
|
|
|
|
|
make quality open source software, please visit our donations page at
|
|
|
|
|
<a class="link" href="http://www.isc.org/donate/" target="_top">http://www.isc.org/donate/</a>.
|
|
|
|
|
</p>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div></body>
|
|
|
|
|
</html>
|
