From 448884248519a8edade1b51aa7d20140b12764a9 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 22 Mar 2016 20:00:09 -0700 Subject: [PATCH] [master] prep 9.11.0a1 --- CHANGES | 2 + doc/arm/notes.xml | 258 +++------------------------------------------- version | 4 +- 3 files changed, 20 insertions(+), 244 deletions(-) diff --git a/CHANGES b/CHANGES index d12862138f..98d58a5925 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ + --- 9.11.0a1 released --- + 4340. [performance] Implement adaptive read-write locks, reducing the overhead of locks that are only held briefly. [RT #37329] diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml index 86c3bc95b9..6a4d737783 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml @@ -19,18 +19,19 @@ - PERFORMANCE OF THIS SOFTWARE. --> -
Introduction - - This document summarizes changes since the last production release - of BIND on the corresponding major release branch. + BIND 9.11.0 is a new feature release of BIND, still under development. + This document summarizes new features and functional changes that + have been introduced on this branch. With each development + release leading up to the final BIND 9.11.0 release, this document + will be updated with additional features added and bugs fixed.
-
Download +
Download The latest versions of BIND 9 software can always be found at http://www.isc.org/downloads/. @@ -39,8 +40,8 @@ operating systems.
-
Security Fixes +
Security Fixes @@ -189,10 +190,9 @@ -
-
New Features +
New Features @@ -589,8 +589,8 @@
-
Feature Changes +
Feature Changes @@ -695,9 +695,9 @@ - If named is not configured to validate the answer then - allow fallback to plain DNS on timeout even when we know - the server supports EDNS. This will allow the server to + If named is not configured to validate + answers, then allow fallback to plain DNS on timeout even when + we know the server supports EDNS. This will allow the server to potentially resolve signed queries when TCP is being blocked. @@ -780,249 +780,23 @@
-
Porting Changes +
Porting Changes - The Microsoft Windows install tool - BINDInstall.exe which requires a - non-free version of Visual Studio to be built, now uses two - files (lists of flags and files) created by the Configure - perl script with all the needed information which were - previously compiled in the binary. Read - win32utils/build.txt for more details. - [RT #38915] + None.
+
Bug Fixes - When deleting records from a zone database, interior nodes - could be left empty but not deleted, damaging search - performance afterward. [RT #40997] - - - + None. - A flag could be set in the wrong field when setting up - nonrecursive queries; this could cause the SERVFAIL cache to - cache responses it shouldn't. New querytrace logging has been - added which identified this error. [RT #41155] - - - - - The server could crash due to a use-after-free if a - zone transfer timed out. [RT #41297] - - - - - Authoritative servers that were marked as bogus (e.g. blackholed - in configuration or with invalid addresses) were being queried - anyway. [RT #41321] - - - - - Some of the options for GeoIP ACLs, including "areacode", - "metrocode", and "timezone", were incorrectly documented - as "area", "metro" and "tz". Both the long and abbreviated - versions are now accepted. - - - - - dig, host and - nslookup aborted when encountering - a name which, after appending search list elements, - exceeded 255 bytes. Such names are now skipped, but - processing of other names will continue. [RT #36892] - - - - - The error message generated when - named-checkzone or - named-checkconf -z encounters a - directive without a value has - been clarified. [RT #37138] - - - - - Semicolon characters (;) included in TXT records were - incorrectly escaped with a backslash when the record was - displayed as text. This is actually only necessary when there - are no quotation marks. [RT #37159] - - - - - When files opened for writing by named, - such as zone journal files, were referenced more than once - in named.conf, it could lead to file - corruption as multiple threads wrote to the same file. This - is now detected when loading named.conf - and reported as an error. [RT #37172] - - - - - When checking for updates to trust anchors listed in - , named - now revalidates keys based on the current set of - active trust anchors, without relying on any cached - record of previous validation. [RT #37506] - - - - - Large-system tuning - (configure --with-tuning=large) caused - problems on some platforms by setting a socket receive - buffer size that was too large. This is now detected and - corrected at run time. [RT #37187] - - - - - When NXDOMAIN redirection is in use, queries for a name - that is present in the redirection zone but a type that - is not present will now return NOERROR instead of NXDOMAIN. - - - - - Due to an inadvertent removal of code in the previous - release, when named encountered an - authoritative name server which dropped all EDNS queries, - it did not always try plain DNS. This has been corrected. - [RT #37965] - - - - - A regression caused nsupdate to use the default recursive servers - rather than the SOA MNAME server when sending the UPDATE. - - - - - Adjusted max-recursion-queries to accommodate the smaller - initial packet sizes used in BIND 9.10 and higher when - contacting authoritative servers for the first time. - - - - - Built-in "empty" zones did not correctly inherit the - "allow-transfer" ACL from the options or view. [RT #38310] - - - - - Two leaks were fixed that could cause named - processes to grow to very large sizes. [RT #38454] - - - - - Fixed some bugs in RFC 5011 trust anchor management, - including a memory leak and a possible loss of state - information. [RT #38458] - - - - - Asynchronous zone loads were not handled correctly when the - zone load was already in progress; this could trigger a crash - in zt.c. [RT #37573] - - - - - A race during shutdown or reconfiguration could - cause an assertion failure in mem.c. [RT #38979] - - - - - Some answer formatting options didn't work correctly with - dig +short. [RT #39291] - - - - - Several bugs have been fixed in the RPZ implementation: - - - - - Policy zones that did not specifically require recursion - could be treated as if they did; consequently, setting - qname-wait-recurse no; was - sometimes ineffective. This has been corrected. - In most configurations, behavioral changes due to this - fix will not be noticeable. [RT #39229] - - - - - The server could crash if policy zones were updated (e.g. - via rndc reload or an incoming zone - transfer) while RPZ processing was still ongoing for an - active query. [RT #39415] - - - - - On servers with one or more policy zones configured as - slaves, if a policy zone updated during regular operation - (rather than at startup) using a full zone reload, such as - via AXFR, a bug could allow the RPZ summary data to fall out - of sync, potentially leading to an assertion failure in - rpz.c when further incremental updates were made to the - zone, such as via IXFR. [RT #39567] - - - - - The server could match a shorter prefix than what was - available in CLIENT-IP policy triggers, and so, an - unexpected action could be taken. This has been - corrected. [RT #39481] - - - - - The server could crash if a reload of an RPZ zone was - initiated while another reload of the same zone was - already in progress. [RT #39649] - - - - - Negative trust anchors (NTAs) were incorrectly deleted - when the server was reloaded or reconfigured. [RT #41058] - - - - - Zones configured to use map format - master files can't be used as policy zones because RPZ - summary data isn't compiled when such zones are mapped into - memory. This limitation may be fixed in a future release, - but in the meantime it has been documented, and attempting - to use such zones in response-policy - statements is now a configuration error. [RT #38321] - - -
diff --git a/version b/version index b000a0a49e..4007f2b9ac 100644 --- a/version +++ b/version @@ -6,6 +6,6 @@ DESCRIPTION= MAJORVER=9 MINORVER=11 PATCHVER=0 -RELEASETYPE=pre-alpha -RELEASEVER= +RELEASETYPE=a +RELEASEVER=1 EXTENSIONS=