diff --git a/doc/arm/notes.rst b/doc/arm/notes.rst index 6446243051..edb9dea2c0 100644 --- a/doc/arm/notes.rst +++ b/doc/arm/notes.rst @@ -47,6 +47,7 @@ The list of known issues affecting the latest version in the 9.21 branch can be found at https://gitlab.isc.org/isc-projects/bind9/-/wikis/Known-Issues-in-BIND-9.21 +.. include:: ../notes/notes-9.21.5.rst .. include:: ../notes/notes-9.21.4.rst .. include:: ../notes/notes-9.21.3.rst .. include:: ../notes/notes-9.21.2.rst diff --git a/doc/notes/notes-9.21.5.rst b/doc/notes/notes-9.21.5.rst new file mode 100644 index 0000000000..dee2450d2e --- /dev/null +++ b/doc/notes/notes-9.21.5.rst @@ -0,0 +1,96 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +Notes for BIND 9.21.5 +--------------------- + +New Features +~~~~~~~~~~~~ + +- Adds support for EDE code 1 and 2. + + Add support for EDE codes 1 & 2 which might occurs during DNSSEC + validation in case of unsupported RRSIG algorithm or DNSKEY digest. + :gl:`#2715` + +- Add a rndc command to toggle jemalloc profiling. + + The new command is `rndc memprof`. The memory profiling status is also + reported inside `rndc status`. The status also shows whether named can + toggle memory profiling or not and if the server is built with + jemalloc. :gl:`#4759` + +- Add support for multiple extended DNS errors. + + Extended DNS error mechanism (EDE) may have several errors raised + during a DNS resolution. `named` is now able to add up to three EDE + codes in a DNS response. In the case of duplicate error codes, only + the first one will be part of the DNS response. :gl:`#5085` + +- Print the expiration time of the stale records. + + Print the expiration time of the stale RRsets in the cache dump. + +Feature Changes +~~~~~~~~~~~~~~~ + +- Include destination address port number in query logging. + + When query logging is enabled, named will now include the destination + address port in the logged message. :gl:`#5060` + +Bug Fixes +~~~~~~~~~ + +- Validate adb fetches. + + ADB responses were not being validated, allowing spoofed responses to + be accepted and used for further lookups. This should not be possible + when the servers for the zone are in a signed zone, except with CD=1 + requests or when glue is needed. This has been fixed. :gl:`#5066` + +- Recently expired records could be returned with timestamp in future. + + Under rare circumstances, the RRSet that expired at the time of the + query could be returned with TTL far in the future. This has been + fixed. + + As a side-effect, the expiration time of expired RRSets are no longer + printed out in the cache dump. :gl:`#5094` + +- Yaml string not terminated in negative response in delv. + + :gl:`#5098` + +- Fix a bug in dnssec-signzone related to keys being offline. + + In the case when `dnssec-signzone` is called on an already signed + zone, and the private key file is unavailable, a signature that needs + to be refreshed may be dropped without being able to generate a + replacement. This has been fixed. :gl:`#5126` + +- Apply the memory limit only to ADB database items. + + Resolver under heavy-load could exhaust the memory available for + storing the information in the Address Database (ADB) effectively + evicting already stored information in the ADB. The memory used to + retrieve and provide information from the ADB is now not a subject of + the same memory limits that are applied for storing the information in + the Address Database. :gl:`#5127` + +- Avoid unnecessary locking in the zone/cache database. + + Prevent lock contention among many worker threads referring to the + same database node at the same time. This would improve zone and + cache database performance for the heavily contended database nodes. + :gl:`#5130` + +