2022-04-12 13:41:18 +02:00
|
|
|
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
|
|
|
..
|
|
|
|
|
.. SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
..
|
|
|
|
|
.. This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
.. License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
|
|
|
..
|
|
|
|
|
.. See the COPYRIGHT file distributed with this work for additional
|
|
|
|
|
.. information regarding copyright ownership.
|
|
|
|
|
|
2023-07-10 15:08:50 +02:00
|
|
|
Notes for BIND 9.19.16
|
2023-01-13 15:35:32 +01:00
|
|
|
----------------------
|
2022-04-12 13:41:18 +02:00
|
|
|
|
|
|
|
|
Security Fixes
|
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
- None.
|
|
|
|
|
|
|
|
|
|
New Features
|
|
|
|
|
~~~~~~~~~~~~
|
|
|
|
|
|
2023-06-12 16:12:40 +02:00
|
|
|
- None.
|
2023-03-30 15:32:59 +02:00
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Removed Features
|
|
|
|
|
~~~~~~~~~~~~~~~~
|
|
|
|
|
|
2023-07-11 16:57:42 +02:00
|
|
|
- The 'auto-dnssec' configuration option has now been removed. Please
|
|
|
|
|
use :any:`dnssec-policy` or manual signing instead. The following options
|
|
|
|
|
have become obsolete: :any:`dnskey-sig-validity`, :any:`dnssec-dnskey-kskonly`,
|
|
|
|
|
:any:`dnssec-update-mode`, :any:`sig-validity-interval`, and
|
|
|
|
|
:any:`update-check-ksk`. :gl:`#3672`.
|
2023-03-22 15:06:58 -07:00
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Feature Changes
|
|
|
|
|
~~~~~~~~~~~~~~~
|
|
|
|
|
|
2023-07-10 15:08:50 +02:00
|
|
|
- None.
|
2023-02-21 14:39:27 +00:00
|
|
|
|
2023-07-06 17:19:52 +10:00
|
|
|
- Return BADCOOKIE for out-of-date or otherwise bad, well formed
|
|
|
|
|
DNS SERVER COOKIES. Previously these were silently treated as
|
|
|
|
|
DNS CLIENT COOKIES. :gl:`#4194`
|
|
|
|
|
|
2022-12-09 12:42:05 +01:00
|
|
|
- The option :any:`inline-signing` can now also be set inside
|
|
|
|
|
:any:`dnssec-policy`. The built-in policies ``default`` and ``insecure``
|
|
|
|
|
enable the use of :any:`inline-signing`. If you set :any:`inline-signing`
|
|
|
|
|
at the ``zone`` level, it overrides the value used set in
|
|
|
|
|
:any:`dnssec-policy`. :gl:`#3677`.
|
|
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Bug Fixes
|
|
|
|
|
~~~~~~~~~
|
|
|
|
|
|
2023-07-10 15:08:50 +02:00
|
|
|
- None.
|
2023-06-02 12:49:15 +03:00
|
|
|
|
2023-06-29 14:51:51 +02:00
|
|
|
- Query-processing latency under load has been improved by reducing the
|
|
|
|
|
uninterrupted time spent by resolving long cached chains of domain names.
|
|
|
|
|
:gl:`#4185`
|
|
|
|
|
|
2023-07-26 11:55:20 +02:00
|
|
|
- Ignore :any:`max-zone-ttl` for :any:`dnssec-policy` "insecure",
|
|
|
|
|
otherwise some zones will not be loaded if they use a TTL value larger
|
|
|
|
|
than 86400. :gl:`#4032`.
|
|
|
|
|
|
2022-11-07 14:03:15 +01:00
|
|
|
Known Issues
|
|
|
|
|
~~~~~~~~~~~~
|
|
|
|
|
|
2023-03-07 14:10:26 +01:00
|
|
|
- There are no new known issues with this release. See :ref:`above
|
|
|
|
|
<relnotes_known_issues>` for a list of all known issues affecting this
|
|
|
|
|
BIND 9 branch.
|
