mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-03 16:15:27 +00:00
Code Issues Releases Wiki Activity

Merge tag 'v9.19.18'

Browse Source
This commit is contained in:
Michał Kępień
2023-11-15 14:54:10 +01:00
parent 101fad490b 8dea58c390
commit dc25df18f3
4 changed files with 91 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@@ -13,6 +13,8 @@
6281. [bug] Fix a data race in dns_tsigkeyring_dump(). [GL #4328] 6281. [bug] Fix a data race in dns_tsigkeyring_dump(). [GL #4328]
--- 9.19.18 released ---
6280. [bug] Fix missing newlines in the output of "rndc nta -dump". 6280. [bug] Fix missing newlines in the output of "rndc nta -dump".
[GL !8454] [GL !8454]
@@ -58,7 +60,9 @@
6268. [func] Offload the IXFR and AXFR processing to unblock 6268. [func] Offload the IXFR and AXFR processing to unblock
the networking threads. [GL #4367] the networking threads. [GL #4367]
6267. [func] Adjust UDP timeouts used in zone maintenance. [GL #4260] 6267. [func] The timeouts for resending zone refresh queries over UDP
were lowered to enable named to more quickly determine
that a primary is down. [GL #4260]
6266. [func] The zone option 'inline-signing' is ignored from now 6266. [func] The zone option 'inline-signing' is ignored from now
on iff there is no 'dnssec-policy' configured for the on iff there is no 'dnssec-policy' configured for the

1
doc/arm/notes.rst
View File

@@ -39,6 +39,7 @@ information about each release, and source code.
.. include:: ../notes/notes-known-issues.rst .. include:: ../notes/notes-known-issues.rst
.. include:: ../notes/notes-current.rst .. include:: ../notes/notes-current.rst
.. include:: ../notes/notes-9.19.18.rst
.. include:: ../notes/notes-9.19.17.rst .. include:: ../notes/notes-9.19.17.rst
.. include:: ../notes/notes-9.19.16.rst .. include:: ../notes/notes-9.19.16.rst
.. include:: ../notes/notes-9.19.15.rst .. include:: ../notes/notes-9.19.15.rst

3
doc/arm/reference.rst
View File

@@ -4042,7 +4042,8 @@ Tuning
:short: Sets the resolver's lame cache. :short: Sets the resolver's lame cache.
This is always set to 0. More information is available in the This is always set to 0. More information is available in the
security advisory for :cve:`2021-25219`. `security advisory for CVE-2021-25219
<https://kb.isc.org/docs/cve-2021-25219>`_.
.. namedconf:statement:: servfail-ttl .. namedconf:statement:: servfail-ttl
:tags: server :tags: server

83
doc/notes/notes-9.19.18.rst Normal file
View File

@@ -0,0 +1,83 @@
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
..
.. SPDX-License-Identifier: MPL-2.0
..
.. This Source Code Form is subject to the terms of the Mozilla Public
.. License, v. 2.0. If a copy of the MPL was not distributed with this
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
..
.. See the COPYRIGHT file distributed with this work for additional
.. information regarding copyright ownership.
Notes for BIND 9.19.18
----------------------
New Features
~~~~~~~~~~~~
- The statistics channel now includes information about incoming zone
transfers that are currently in progress. :gl:`#3883`
- The new :any:`resolver-use-dns64` option enables :iscman:`named` to
apply :any:`dns64` rules to IPv4 server addresses when sending
recursive queries, so that resolution can be performed over a NAT64
connection. :gl:`#608`
Removed Features
~~~~~~~~~~~~~~~~
- Support for the ``lock-file`` statement and the ``named -X``
command-line option has been removed. An external process supervisor
should be used instead. :gl:`#4391`
Alternatively, the ``flock`` utility (part of util-linux) can be used
on Linux systems to achieve the same effect as ``lock-file`` or
``named -X``:
::
flock -n -x <directory>/named.lock <path>/named <arguments>
- Configuring the control channel to use a Unix domain socket has been a
fatal error since BIND 9.18. The feature has now been completely
removed and :iscman:`named-checkconf` now reports it as a
configuration error. :gl:`#4311`
Feature Changes
~~~~~~~~~~~~~~~
- Processing large incremental transfers (IXFR) has been offloaded to a
separate work thread so that it does not prevent networking threads
from processing regular traffic in the meantime. :gl:`#4367`
- QNAME minimization is now used when looking up the addresses of name
servers during the recursive resolution process. :gl:`#4209`
- The :any:`inline-signing` zone option is now ignored if there is no
:any:`dnssec-policy` configured for the zone. This means that unsigned
zones no longer create redundant signed versions of the zone.
:gl:`#4349`
- The IP addresses for B.ROOT-SERVERS.NET have been updated to
170.247.170.2 and 2801:1b8:10::b. :gl:`#4101`
Bug Fixes
~~~~~~~~~
- :any:`max-cache-size` accidentally became ineffective in BIND 9.19.16.
This has been fixed and the option now behaves as documented again.
:gl:`#4340`
- If the unsigned version of an inline-signed zone contained DNSSEC
records, it was incorrectly scheduled for resigning. This has been
fixed. :gl:`#4350`
- Looking up stale data from the cache did not take local authoritative
data into account. This has been fixed. :gl:`#4355`
Known Issues
~~~~~~~~~~~~
- There are no new known issues with this release. See :ref:`above
<relnotes_known_issues>` for a list of all known issues affecting this
BIND 9 branch.