2022-04-12 13:41:18 +02:00
|
|
|
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
|
|
|
..
|
|
|
|
|
.. SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
..
|
|
|
|
|
.. This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
.. License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
|
|
|
..
|
|
|
|
|
.. See the COPYRIGHT file distributed with this work for additional
|
|
|
|
|
.. information regarding copyright ownership.
|
|
|
|
|
|
2024-04-04 19:35:03 +02:00
|
|
|
Notes for BIND 9.19.24
|
2023-01-13 15:35:32 +01:00
|
|
|
----------------------
|
2022-04-12 13:41:18 +02:00
|
|
|
|
|
|
|
|
Security Fixes
|
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
- None.
|
|
|
|
|
|
|
|
|
|
New Features
|
|
|
|
|
~~~~~~~~~~~~
|
|
|
|
|
|
2024-02-01 09:50:40 +01:00
|
|
|
- A new option :any:`signatures-jitter` is added to :any:`dnssec-policy` to
|
|
|
|
|
spread out signature expiration times over a period of time. :gl:`#4554`
|
|
|
|
|
|
2024-02-22 15:39:20 +01:00
|
|
|
- A new DNSSEC tool :iscman:`dnssec-ksr` is added to create Key Signing Request
|
|
|
|
|
(KSR) and Signed Key Response (SKR) files. :gl:`#1128`
|
|
|
|
|
|
2024-02-06 15:28:12 +03:00
|
|
|
- Queries and responses now emit distinct dnstap entries for DoT and DoH.
|
|
|
|
|
:any:`dnstap-read` understands DoH and DoT entries. :gl:`#4523`
|
|
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Removed Features
|
|
|
|
|
~~~~~~~~~~~~~~~~
|
|
|
|
|
|
2024-04-24 14:03:50 +02:00
|
|
|
- The ``named`` command line option ``-U <n>``, which specified the number of UDP dispatches,
|
|
|
|
|
has been removed. Using it now prints a warning. :gl:`#1879`
|
2023-10-26 12:00:32 +02:00
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Feature Changes
|
|
|
|
|
~~~~~~~~~~~~~~~
|
|
|
|
|
|
2024-04-16 17:37:30 +02:00
|
|
|
- Querying the statistics channel no longer blocks the DNS communication
|
|
|
|
|
on the networking event loop. :gl:`#4680`
|
2024-02-12 15:05:21 +01:00
|
|
|
|
2024-04-15 12:44:41 +02:00
|
|
|
- DNSSEC signatures that are not valid because the current time falls outside
|
|
|
|
|
the signature inception and expiration dates no longer count towards maximum
|
|
|
|
|
validation and maximum validation failures limits. :gl:`#4586`
|
|
|
|
|
|
2024-04-18 16:46:38 +02:00
|
|
|
- Multiple RNDC messages will be processed when sent in a single TCP
|
|
|
|
|
message.
|
|
|
|
|
|
|
|
|
|
ISC would like to thank Dominik Thalhammer for reporting the issue
|
|
|
|
|
and preparing the initial patch. :gl:`#4416`
|
|
|
|
|
|
2023-08-15 10:30:36 +02:00
|
|
|
- :iscman:`dnssec-keygen` now allows the options ``-k`` and ``-f`` to be
|
|
|
|
|
used together. This allows creating keys for a given :any:`dnssec-policy`
|
|
|
|
|
that match only the KSK (``-fK``) or ZSK (``-fZ``) role.
|
|
|
|
|
|
2022-04-12 13:41:18 +02:00
|
|
|
Bug Fixes
|
|
|
|
|
~~~~~~~~~
|
|
|
|
|
|
2024-03-13 09:51:24 +01:00
|
|
|
- None.
|
2024-03-06 13:39:25 +01:00
|
|
|
|
2022-11-07 14:03:15 +01:00
|
|
|
Known Issues
|
|
|
|
|
~~~~~~~~~~~~
|
|
|
|
|
|
2023-03-07 14:10:26 +01:00
|
|
|
- There are no new known issues with this release. See :ref:`above
|
|
|
|
|
<relnotes_known_issues>` for a list of all known issues affecting this
|
|
|
|
|
BIND 9 branch.
|
