From 1e2fd565d3fe7e708eaf417728fb6e3893a614a5 Mon Sep 17 00:00:00 2001 From: Michal Nowak Date: Wed, 7 Aug 2024 12:39:23 +0200 Subject: [PATCH] Split up changelog into per-release code blocks LaTeX in CI and on ReadTheDocs fails to render a PDF version of ARM if the Changelog section is included. The running theory is that the verbatim section of more than twenty thousand lines is too big to meet LaTeX self-imposed constraints, and it fails with: ! TeX capacity exceeded, sorry [main memory size=5000000]. Or it just hangs if extra_mem_bot=30000000 is set in /etc/texmf/texmf.d/01main_memory_bump.cnf: ! Dimension too large. \fb@put@frame ...p \ifdim \dimen@ >\ht \@tempboxa \fb@putboxa #1\fb@afterfra... l.56913 \end{sphinxVerbatim} Make each BIND 9 release a separate code block to work around the issue. Further split up the sections for some exceptionally large releases, for the same reason. (cherry picked from commit bc802359b05deb7a4b14eeb7eaca9e26bdb6b97f) --- doc/arm/changelog.rst | 259 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 258 insertions(+), 1 deletion(-) diff --git a/doc/arm/changelog.rst b/doc/arm/changelog.rst index 2a9bdceea1..6b8d6623e1 100644 --- a/doc/arm/changelog.rst +++ b/doc/arm/changelog.rst @@ -21,7 +21,7 @@ Changelog Changes prior to 9.18.28 ------------------------ -:: +.. code-block:: none --- 9.18.28 released --- @@ -106,6 +106,8 @@ Changes prior to 9.18.28 6382. [bug] Fix RPZ response's SOA record TTL, which was incorrectly set to 1 if 'add-soa' is used. [GL #3323] +.. code-block:: none + --- 9.18.27 released --- 6374. [bug] Skip to next RRSIG if signature has expired or is in @@ -113,6 +115,8 @@ Changes prior to 9.18.28 6372. [func] Implement signature jitter for dnssec-policy. [GL #4554] +.. code-block:: none + --- 9.18.26 released --- 6364. [protocol] Add RESOLVER.ARPA to the built in empty zones. @@ -176,6 +180,8 @@ Changes prior to 9.18.28 This lead to failures when DNSKEYs where updated as the TTLs mismatched. [GL #4466] +.. code-block:: none + --- 9.18.25 released --- 6356. [bug] Create the pruning task in the dns_cache_flush(), so @@ -193,11 +199,15 @@ Changes prior to 9.18.28 6350. [bug] Address use after free in expire_lru_headers. [GL #4495] +.. code-block:: none + --- 9.18.24 released --- 6343. [bug] Fix case insensitive setting for isc_ht hashtable. [GL #4568] +.. code-block:: none + --- 9.18.23 released --- 6322. [security] Specific DNS answers could cause a denial-of-service @@ -215,6 +225,8 @@ Changes prior to 9.18.28 mode could process more than one message at a time when that was not expected. That has been fixed. [GL #4487] +.. code-block:: none + --- 9.18.22 released --- 6319. [func] Limit isc_task_send() overhead for RBTDB tree pruning. @@ -263,6 +275,8 @@ Changes prior to 9.18.28 6299. [port] NetBSD has added 'hmac' to libc which collides with our use of 'hmac'. [GL #4478] +.. code-block:: none + --- 9.18.21 released --- 6297. [bug] Improve LRU cleaning behaviour. [GL #4448] @@ -290,6 +304,8 @@ Changes prior to 9.18.28 6282. [func] Deprecate AES-based DNS cookies. [GL #4421] +.. code-block:: none + --- 9.18.20 released --- 6280. [bug] Fix missing newlines in the output of "rndc nta -dump". @@ -335,6 +351,8 @@ Changes prior to 9.18.28 reported as the covered value of the RRSIG when dumping the cache contents. [GL #4314] +.. code-block:: none + --- 9.18.19 released --- 6246. [security] Fix use-after-free error in TLS DNS code when sending @@ -383,6 +401,8 @@ Changes prior to 9.18.28 6224. [bug] Check the If-Modified-Since value length to prevent out-of-bounds write. [GL #4124] +.. code-block:: none + --- 9.18.18 released --- 6220. [func] Deprecate the 'dialup' and 'heartbeat-interval' @@ -400,6 +420,8 @@ Changes prior to 9.18.28 6212. [bug] Don't process detach and close netmgr events when the netmgr has been paused. [GL #4200] +.. code-block:: none + --- 9.18.17 released --- 6206. [bug] Add shutdown checks in dns_catz_dbupdate_callback() to @@ -442,6 +464,8 @@ Changes prior to 9.18.28 the FORMERR was due to the presence of a DNS COOKIE option. [GL #4049] +.. code-block:: none + --- 9.18.16 released --- 6192. [security] A query that prioritizes stale data over lookup @@ -506,6 +530,8 @@ Changes prior to 9.18.28 dighost_shutdown() callback twice and cause problems if the callback function was not idempotent. [GL #4039] +.. code-block:: none + --- 9.18.15 released --- 6164. [bug] Set the rndc idle read timeout back to 60 seconds, @@ -538,6 +564,8 @@ Changes prior to 9.18.28 3.1.0 uses __attribute__(malloc), conflicting with a redefined malloc in cmocka.h. [GL #4000] +.. code-block:: none + --- 9.18.14 released --- 6145. [bug] Fix a possible use-after-free bug in the @@ -588,6 +616,8 @@ Changes prior to 9.18.28 downloading large zones over TLS from a primary server, especially over unstable connections. [GL #3867] +.. code-block:: none + --- 9.18.13 released --- 6120. [bug] Use two pairs of dns_db_t and dns_dbversion_t in a @@ -641,6 +671,8 @@ Changes prior to 9.18.28 feature is deprecated, but it is not yet removed, so the bug still needed fixing.) [GL #3790] +.. code-block:: none + --- 9.18.12 released --- 6083. [bug] Fix DNSRPS-enabled builds as they were inadvertently @@ -694,6 +726,8 @@ Changes prior to 9.18.28 5850. [func] Run the RPZ update process on the offload threads. [GL #3190] +.. code-block:: none + --- 9.18.11 released --- 6067. [security] Fix serve-stale crash when recursive clients soft quota @@ -780,6 +814,8 @@ Changes prior to 9.18.28 implementation has been optimized to work with hundreds of thousands of member zones. [GL #3212] [GL #3744] +.. code-block:: none + --- 9.18.10 released --- 6043. [bug] The key file IO locks objects would never get @@ -846,6 +882,8 @@ Changes prior to 9.18.28 the cache after expiry, even when serve-stale is in use. [GL #3386] +.. code-block:: none + --- 9.18.9 released --- 6013. [bug] Fix a crash that could happen when you change @@ -893,6 +931,8 @@ Changes prior to 9.18.28 5994. [func] Refactor the isc_httpd implementation used in the statistics channel. [GL !6879] +.. code-block:: none + --- 9.18.8 released --- 5991. [protocol] Add support for parsing and validating "dohpath" to @@ -941,6 +981,8 @@ Changes prior to 9.18.28 5963. [bug] Ensure struct named_server is properly initialized. [GL #6531] +.. code-block:: none + --- 9.18.7 released --- 5962. [security] Fix memory leak in EdDSA verify processing. @@ -1024,6 +1066,8 @@ Changes prior to 9.18.28 5935. [bug] Fix DiG lookup reference counting bug, which could be observed in NSSEARCH mode. [GL #3478] +.. code-block:: none + --- 9.18.6 released --- 5934. [func] Improve fetches-per-zone fetch limit logging to log @@ -1090,6 +1134,8 @@ Changes prior to 9.18.28 where the test is not DNSKEY algorithm specific. [GL #3440] +.. code-block:: none + --- 9.18.5 released --- 5917. [bug] Update ifconfig.sh script as is miscomputed interface @@ -1139,6 +1185,8 @@ Changes prior to 9.18.28 that there is no configured pre-existing forward-only forward zone with that name. [GL #2506] +.. code-block:: none + --- 9.18.4 released --- 5899. [func] Don't try to process DNSSEC-related and ZONEMD records @@ -1170,6 +1218,8 @@ Changes prior to 9.18.28 `dnssec-settime` now accept times as printed by `dnssec-settime -p`. [GL !2947] +.. code-block:: none + --- 9.18.3 released --- 5886. [security] Fix a crash in DNS-over-HTTPS (DoH) code caused by @@ -1252,6 +1302,8 @@ Changes prior to 9.18.28 to implement Strict and Mutual TLS authentication, as described in RFC 9103, Section 9.3. [GL #3163] +.. code-block:: none + --- 9.18.2 released --- 5856. [bug] The "starting maxtime timer" message related to outgoing @@ -1335,6 +1387,8 @@ Changes prior to 9.18.28 5821. [bug] Fix query context management issues in the TCP part of dig. [GL #3184] +.. code-block:: none + --- 9.18.1 released --- 5820. [security] An assertion could occur in resume_dslookup() if the @@ -1417,6 +1471,8 @@ Changes prior to 9.18.28 in BIND internal structures, causing a crash or other unexpected errors. [GL #3060] +.. code-block:: none + --- 9.18.0 released --- 5796. [bug] Ignore the invalid (<= 0) values returned @@ -1448,6 +1504,8 @@ Changes prior to 9.18.28 channel code to use ISC_R_SHUTTINGDOWN result code to detect named being shut down. [GL #3079] +.. code-block:: none + --- 9.17.22 released --- 5789. [bug] Allow replacing expired zone signatures with @@ -1510,6 +1568,8 @@ Changes prior to 9.18.28 condition variable and add missing isc_mutex_destroy() for nmworker lock. [GL #3051] +.. code-block:: none + --- 9.17.21 released --- 5775. [bug] Added a timer in the resolver to kill fetches that @@ -1592,6 +1652,8 @@ Changes prior to 9.18.28 via DNS-over-HTTPS, according to the recommendations given in RFC 8484. [GL #2854] +.. code-block:: none + --- 9.17.20 released --- 5755. [bug] The statistics channel wasn't correctly handling @@ -1674,6 +1736,8 @@ Changes prior to 9.18.28 5737. [bug] Address Coverity warning in lib/dns/dnssec.c. [GL #2935] +.. code-block:: none + --- 9.17.19 released --- 5736. [security] The "lame-ttl" option is now forcibly set to 0. This @@ -1783,6 +1847,8 @@ Changes prior to 9.18.28 5712. [func] Remove native PKCS#11 support in favor of engine_pkcs11 from the OpenSC project. [GL #2691] +.. code-block:: none + --- 9.17.18 released --- 5711. [bug] "map" files exceeding 2GB in size failed to load due to @@ -1890,6 +1956,8 @@ Changes prior to 9.18.28 successor key. This enables dnssec-signzone to gradually replace RRSIGs during a ZSK rollover. [GL #1551] +.. code-block:: none + --- 9.17.17 released --- 5689. [security] An assertion failure occurred when named attempted to @@ -1982,6 +2050,8 @@ Changes prior to 9.18.28 algorithms for the same listener. This has been fixed. [GL #2756] +.. code-block:: none + --- 9.17.16 released --- 5671. [bug] A race condition could occur where two threads were @@ -2069,6 +2139,8 @@ Changes prior to 9.18.28 5653. [bug] A bug that caused the NSEC3 salt to be changed on every restart for zones using KASP has been fixed. [GL #2725] +.. code-block:: none + --- 9.17.14 released --- 5652. [bug] A copy-and-paste error in change 5584 caused the @@ -2126,6 +2198,8 @@ Changes prior to 9.18.28 5639. [bug] Check that the first and last SOA record of an AXFR are consistent. [GL #2528] +.. code-block:: none + --- 9.17.13 released --- 5638. [bug] Improvements related to network manager/task manager @@ -2228,6 +2302,8 @@ Changes prior to 9.18.28 inconsistencies have been eliminated. [GL #389] [GL #2289] +.. code-block:: none + --- 9.17.12 released --- 5617. [placeholder] @@ -2320,6 +2396,8 @@ Changes prior to 9.18.28 functions declared in the header with arguments of type char. [GL #2567] +.. code-block:: none + --- 9.17.11 released --- 5597. [bug] When serve-stale was enabled and starting the recursive @@ -2424,6 +2502,8 @@ Changes prior to 9.18.28 put on the wrong free list. This prevented named from starting up. [GL #2460] +.. code-block:: none + --- 9.17.10 released --- 5578. [protocol] Make "check-names" accept A records below "_spf", @@ -2509,6 +2589,8 @@ Changes prior to 9.18.28 "stale-answer-ttl" has been changed from 1 second to 30 seconds, following RFC 8767 recommendations. [GL #2248] +.. code-block:: none + --- 9.17.9 released --- 5559. [bug] The --with-maxminddb=PATH form of the build-time option @@ -2552,6 +2634,8 @@ Changes prior to 9.18.28 5547. [placeholder] +.. code-block:: none + --- 9.17.8 released --- 5546. [placeholder] @@ -2600,6 +2684,8 @@ Changes prior to 9.18.28 5534. [bug] The CNAME synthesized from a DNAME was incorrectly followed when the QTYPE was CNAME or ANY. [GL #2280] +.. code-block:: none + --- 9.17.7 released --- 5533. [func] Add the "stale-refresh-time" option, a time window that @@ -2661,6 +2747,8 @@ Changes prior to 9.18.28 5517. [bug] Do not treat UV_EOF as a TCP4RecvErr or a TCP6RecvErr. [GL #2208] +.. code-block:: none + --- 9.17.6 released --- 5516. [func] The default EDNS buffer size has been changed from 4096 @@ -2713,6 +2801,8 @@ Changes prior to 9.18.28 handles, now using isc_nmhandle_attach() and _detach() instead of _ref() and _unref(). [GL #2122] +.. code-block:: none + --- 9.17.5 released --- 5502. [func] 'dig +bufsize=0' no longer disables EDNS. [GL #2054] @@ -2771,6 +2861,8 @@ Changes prior to 9.18.28 named that the DS record for a given zone or key has been updated in the parent zone. [GL #1613] +.. code-block:: none + --- 9.17.4 released --- 5485. [placeholder] @@ -2892,6 +2984,8 @@ Changes prior to 9.18.28 5459. [bug] Fixed bad isc_mem_put() size when an invalid type was specified in an "update-policy" rule. [GL #1990] +.. code-block:: none + --- 9.17.3 released --- 5458. [bug] Prevent a theoretically possible NULL dereference caused @@ -2957,6 +3051,8 @@ Changes prior to 9.18.28 5439. [bug] The DS RRset returned by dns_keynode_dsset() was used in a non-thread-safe manner. [GL #1926] +.. code-block:: none + --- 9.17.2 released --- 5438. [bug] Fix a race in TCP accepting code. [GL #1930] @@ -3157,6 +3253,8 @@ Changes prior to 9.18.28 implicitly set to "yes". Now "inline-signing" is only set to "yes" if the zone is not dynamic. [GL #1709] +.. code-block:: none + --- 9.17.1 released --- 5383. [func] Add a quota attach function with a callback and clean up @@ -3222,6 +3320,8 @@ Changes prior to 9.18.28 5367. [placeholder] +.. code-block:: none + --- 9.17.0 released --- 5366. [bug] Fix a race condition with the keymgr when the same @@ -3315,6 +3415,8 @@ Changes prior to 9.18.28 5348. [bug] dnssec-settime -Psync was not being honoured. Thanks to Tony Finch. [GL !2893] +.. code-block:: none + --- 9.15.8 released --- 5347. [bug] Fixed a bug that could cause an intermittent crash @@ -3354,6 +3456,8 @@ Changes prior to 9.18.28 5337. [func] 'named -V' now reports maxminddb and protobuf-c versions. [GL !2686] +.. code-block:: none + --- 9.15.7 released --- 5336. [bug] The TCP high-water statistic could report an @@ -3409,6 +3513,8 @@ Changes prior to 9.18.28 5320. [cleanup] Silence TSAN on header->count. [GL #1344] +.. code-block:: none + --- 9.15.6 released --- 5319. [func] Trust anchors can now be configured using DS @@ -3499,6 +3605,8 @@ Changes prior to 9.18.28 readability and allow correct parsing of YAML output. [GL #1226] +.. code-block:: none + --- 9.15.5 released --- 5299. [security] A flaw in DNSSEC verification when transferring @@ -3529,6 +3637,8 @@ Changes prior to 9.18.28 5292. [bug] Queue 'rndc nsec3param' requests while signing inline zone changes. [GL #1205] +.. code-block:: none + --- 9.15.4 released --- 5291. [placeholder] @@ -3574,6 +3684,8 @@ Changes prior to 9.18.28 5278. [func] Add YAML output formats for dig, mdig and delv; use the "+yaml" option to enable. [GL #1145] +.. code-block:: none + --- 9.15.3 released --- 5277. [bug] Cache DB statistics could underflow when serve-stale @@ -3629,6 +3741,8 @@ Changes prior to 9.18.28 to BIND 9, and the old HMAC-SHA DNS Cookie algorithms have been removed. [GL #605] +.. code-block:: none + --- 9.15.2 released --- 5263. [cleanup] Use atomics and isc_refcount_t wherever possible. @@ -3686,6 +3800,8 @@ Changes prior to 9.18.28 statistics when hitting recursive clients soft quota. [GL #1067] +.. code-block:: none + --- 9.15.1 released --- 5248. [func] To clarify the configuration of DNSSEC keys, @@ -3752,6 +3868,8 @@ Changes prior to 9.18.28 5234. [port] arm: just use the compiler's default support for yield. [GL #981] +.. code-block:: none + --- 9.15.0 released --- 5233. [bug] Negative trust anchors did not work with "forward only;" @@ -4152,6 +4270,8 @@ Changes prior to 9.18.28 5109. [cleanup] Remove support for RSAMD5 algorithm. [GL #628] +.. code-block:: none + --- 9.13.5 released --- 5108. [bug] Named could fail to determine bottom of zone when @@ -4200,6 +4320,8 @@ Changes prior to 9.18.28 5099. [func] Failed mutex and conditional creations are always fatal. [GL #674] +.. code-block:: none + --- 9.13.4 released --- 5098. [func] Failed memory allocations are now fatal. [GL #674] @@ -4438,6 +4560,8 @@ Changes prior to 9.18.28 5030. [bug] Align CMSG buffers to a 64-bit boundary, fixes crash on architectures with strict alignment. [GL #521] +.. code-block:: none + --- 9.13.3 released --- 5029. [func] Workarounds for servers that misbehave when queried @@ -4578,6 +4702,8 @@ Changes prior to 9.18.28 4988. [bug] Don't synthesize NXDOMAIN from NSEC for records under a DNAME. +.. code-block:: none + --- 9.13.2 released --- 4987. [cleanup] dns_rdataslab_tordataset() and its related @@ -4646,6 +4772,8 @@ Changes prior to 9.18.28 4969. [cleanup] Refactor zone logging functions. [GL #269] +.. code-block:: none + --- 9.13.1 released --- 4968. [bug] If glue records are signed, attempt to validate them. @@ -4723,6 +4851,8 @@ Changes prior to 9.18.28 4951. [protocol] Add "HOME.ARPA" to list of built in empty zones as per RFC 8375. [GL #273] +.. code-block:: none + --- 9.13.0 released --- 4950. [bug] ISC_SOCKEVENTATTR_TRUNC was not be set. [GL #238] @@ -5098,6 +5228,8 @@ Changes prior to 9.18.28 4842. [bug] Conditionally compile opensslecdsa_link.c to avoid warnings about unused function. [RT #46790] +.. code-block:: none + --- 9.12.0rc1 released --- 4841. [bug] Address -fsanitize=undefined warnings. [RT #46786] @@ -5207,6 +5339,8 @@ Changes prior to 9.18.28 4810. [test] The chain system test failed if the IPv6 interfaces were not configured. [RT #46508] +.. code-block:: none + --- 9.12.0b2 released --- 4809. [port] Check at configure time whether -latomic is needed @@ -5334,6 +5468,8 @@ Changes prior to 9.18.28 annotated using certain macros. Miscellaneous Doxygen-related cleanups. [RT #46276] +.. code-block:: none + --- 9.12.0b1 released --- 4772. [test] Expanded unit testing framework for libns, using @@ -5569,6 +5705,8 @@ Changes prior to 9.18.28 4716. [placeholder] +.. code-block:: none + --- 9.12.0a1 released --- 4715. [bug] TreeMemMax was mis-identified as a second HeapMemMax @@ -6396,8 +6534,12 @@ Changes prior to 9.18.28 looking for the NSEC3 records proving nonexistence of the answer. [RT #43247] +.. code-block:: none + --- 9.11.0 released --- +.. code-block:: none + --- 9.11.0rc3 released --- 4471. [cleanup] Render client/query logging format consistent for @@ -6410,6 +6552,8 @@ Changes prior to 9.18.28 4469. [placeholder] +.. code-block:: none + --- 9.11.0rc2 released --- 4468. [bug] Address ECS option handling issues. [RT #43191] @@ -6434,6 +6578,8 @@ Changes prior to 9.18.28 4461. [bug] win32: not all external data was properly marked as external data for windows dll. [RT #43161] +.. code-block:: none + --- 9.11.0rc1 released --- 4460. [test] Add system test for dnstap using unix domain sockets. @@ -6549,6 +6695,8 @@ Changes prior to 9.18.28 4427. [bug] The "query" and "response" parameters to the "dnstap" option had their functions reversed. +.. code-block:: none + --- 9.11.0b3 released --- 4426. [bug] Addressed Coverity warnings. [RT #42908] @@ -6606,6 +6754,8 @@ Changes prior to 9.18.28 4413. [bug] GSSAPI negotiation could fail if GSS_S_CONTINUE_NEEDED was returned. [RT #42733] +.. code-block:: none + --- 9.11.0b2 released --- 4412. [cleanup] Make fixes for GCC 6. ISC_OFFSET_MAXIMUM macro was @@ -6647,6 +6797,8 @@ Changes prior to 9.18.28 4402. [bug] protoc-c is now a hard requirement for --enable-dnstap. +.. code-block:: none + --- 9.11.0b1 released --- 4401. [misc] Change LICENSE to MPL 2.0. @@ -6709,6 +6861,8 @@ Changes prior to 9.18.28 4381. [bug] Missing "zone-directory" option in catalog zone definition caused BIND to crash. [RT #42579] +.. code-block:: none + --- 9.11.0a3 released --- 4380. [experimental] Added a "zone-directory" option to "catalog-zones" @@ -6752,6 +6906,8 @@ Changes prior to 9.18.28 4370. [bug] Address python3 compatibility issues with RNDC module. [RT #42499] [RT #42506] +.. code-block:: none + --- 9.11.0a2 released --- 4369. [bug] Fix 'make' and 'make install' out-of-tree python @@ -6851,6 +7007,8 @@ Changes prior to 9.18.28 4342. [bug] 'rndc flushtree' could fail to clean the tree if there wasn't a node at the specified name. [RT #41846] +.. code-block:: none + --- 9.11.0a1 released --- 4341. [bug] Correct the handling of ECS options with @@ -8034,6 +8192,8 @@ Changes prior to 9.18.28 4000. [bug] NXDOMAIN redirection incorrectly handled NXRRSET from the redirect zone. [RT #37722] +.. code-block:: none + 3999. [func] "mkeys" and "nzf" files are now named after their corresponding views, unless the view name contains characters that would be incompatible @@ -8706,6 +8866,8 @@ Changes prior to 9.18.28 3805. [contrib] Added contrib/perftcpdns, a performance testing tool for DNS over TCP. [RT #35710] +.. code-block:: none + --- 9.10.0rc1 released --- 3804. [bug] Corrected a race condition in dispatch.c in which @@ -8757,6 +8919,8 @@ Changes prior to 9.18.28 3788. [bug] dns_peer_getrequestsit was returning request_nsid by mistake. +.. code-block:: none + --- 9.10.0b2 released --- 3787. [bug] The code that checks whether "auto-dnssec" is @@ -8871,6 +9035,8 @@ Changes prior to 9.18.28 check_config leading to spurious messages being logged. [RT #35443] +.. code-block:: none + --- 9.10.0b1 released --- 3755. [func] Add stats counters for known EDNS options + others. @@ -9018,6 +9184,8 @@ Changes prior to 9.18.28 cleaned up and rearranged the contrib directory, and added a README. +.. code-block:: none + --- 9.10.0a2 released --- 3724. [bug] win32: Fixed a bug that prevented dig and @@ -9221,6 +9389,8 @@ Changes prior to 9.18.28 information for their extensions in the version file by setting the EXTENSIONS variable. +.. code-block:: none + --- 9.10.0a1 released --- 3674. [bug] RPZ zeroed ttls if the query type was '*'. [RT #35026] @@ -9773,6 +9943,8 @@ Changes prior to 9.18.28 can be vulnerable to memory exhaustion attack (CVE-2013-2266). [RT #32688] +.. code-block:: none + 3499. [doc] Corrected ARM documentation of built-in zones. [RT #32694] @@ -10505,6 +10677,8 @@ Changes prior to 9.18.28 times before giving up. mksymtbl was using non portable perl to covert 64 bit hex strings. [RT #27653] +.. code-block:: none + --- 9.9.0rc2 released --- 3270. [bug] "rndc reload" didn't reuse existing zones correctly @@ -10541,6 +10715,8 @@ Changes prior to 9.18.28 3260. [bug] "rrset-order cyclic" could appear not to rotate for some query patterns. [RT #27170/27185] +.. code-block:: none + --- 9.9.0rc1 released --- 3259. [bug] named-compilezone: Suppress "dump zone to " @@ -10677,6 +10853,8 @@ Changes prior to 9.18.28 referencing fetch context after it's been freed. [RT #26720] +.. code-block:: none + --- 9.9.0b2 released --- 3220. [bug] Change #3186 was incomplete; dns_db_rpz_findips() @@ -10778,6 +10956,8 @@ Changes prior to 9.18.28 3187. [port] win32: support for Visual Studio 2008. [RT #26356] +.. code-block:: none + --- 9.9.0b1 released --- 3186. [bug] Version/db mismatch in rpz code. [RT #26180] @@ -10838,6 +11018,8 @@ Changes prior to 9.18.28 3171. [bug] Exclusively lock the task when adding a zone using 'rndc addzone'. [RT #25600] +.. code-block:: none + --- 9.9.0a3 released --- 3170. [func] RPZ update: @@ -10900,6 +11082,8 @@ Changes prior to 9.18.28 3156. [placeholder] +.. code-block:: none + --- 9.9.0a2 released --- 3155. [bug] Fixed a build failure when using contrib DLZ @@ -10927,6 +11111,8 @@ Changes prior to 9.18.28 3147. [func] Initial inline signing support. [RT #23657] +.. code-block:: none + --- 9.9.0a1 released --- 3146. [test] Fixed gcc4.6.0 errors in ATF. [RT #25598] @@ -11400,6 +11586,8 @@ Changes prior to 9.18.28 3009. [bug] clients-per-query code didn't work as expected with particular query patterns. [RT #22972] +.. code-block:: none + --- 9.8.0b1 released --- 3008. [func] Response policy zones (RPZ) support. [RT #21726] @@ -11503,6 +11691,8 @@ Changes prior to 9.18.28 2983. [bug] Include "loadkeys" in rndc help output. [RT #22493] +.. code-block:: none + --- 9.8.0a1 released --- 2982. [bug] Reference count dst keys. dst_key_attach() can be used @@ -12108,6 +12298,8 @@ Changes prior to 9.18.28 2807. [bug] Fixed a possible ASSERT when reconfiguring zone keys. [RT #20720] +.. code-block:: none + --- 9.7.0rc1 released --- 2806. [bug] "rdnc sign" could delay re-signing the DNSKEY @@ -12181,6 +12373,8 @@ Changes prior to 9.18.28 2786. [bug] Additional could be promoted to answer. [RT #20663] +.. code-block:: none + --- 9.7.0b3 released --- 2785. [bug] Revoked keys could fail to self-sign [RT #20652] @@ -12302,6 +12496,8 @@ Changes prior to 9.18.28 2743. [bug] RRSIG could be incorrectly set in the NSEC3 record for a insecure delegation. +.. code-block:: none + --- 9.7.0b2 released --- 2742. [cleanup] Clarify some DNSSEC-related log messages in @@ -12401,6 +12597,8 @@ Changes prior to 9.18.28 2716. [bug] nslookup debug mode didn't return the ttl. [RT #20414] +.. code-block:: none + --- 9.7.0b1 released --- 2715. [bug] Require OpenSSL support to be explicitly disabled. @@ -12562,6 +12760,8 @@ Changes prior to 9.18.28 2675. [bug] dnssec-signzone could crash if the key directory did not exist. [RT #20232] +.. code-block:: none + --- 9.7.0a3 released --- 2674. [bug] "dnssec-lookaside auto;" crashed if named was built @@ -12665,6 +12865,8 @@ Changes prior to 9.18.28 2645. [port] "gcc -m32" didn't work on amd64 and x86_64 platforms which default to 64 bits. [RT #19927] +.. code-block:: none + --- 9.7.0a2 released --- 2644. [bug] Change #2628 caused a regression on some systems; @@ -12775,6 +12977,8 @@ Changes prior to 9.18.28 2613. [placeholder] +.. code-block:: none + --- 9.7.0a1 released --- 2612. [func] Add default values for the arguments to @@ -13159,6 +13363,8 @@ Changes prior to 9.18.28 2499. [port] solaris: lib/lwres/getaddrinfo.c namespace clash. [RT #18837] +.. code-block:: none + --- 9.6.0rc1 released --- 2498. [bug] Removed a bogus function argument used with @@ -13222,6 +13428,8 @@ Changes prior to 9.18.28 2482. [port] libxml2: support versions 2.7.* in addition to 2.6.*. [RT #18806] +.. code-block:: none + --- 9.6.0b1 released --- 2481. [bug] rbtdb.c:matchparams() failed to handle NSEC3 chain @@ -13292,6 +13500,8 @@ Changes prior to 9.18.28 2461. [port] sunos: Change #2363 was not complete. [RT #17513] +.. code-block:: none + --- 9.6.0a1 released --- 2460. [bug] Don't call dns_db_getnsec3parameters() on the cache. @@ -13885,6 +14095,8 @@ Changes prior to 9.18.28 2268. [bug] 0.IN-ADDR.ARPA was missing from the empty zones list. +.. code-block:: none + --- 9.5.0b1 released --- 2267. [bug] Radix tree node_num value could be set incorrectly, @@ -13912,6 +14124,8 @@ Changes prior to 9.18.28 2259. [placeholder] +.. code-block:: none + --- 9.5.0a7 released --- 2258. [bug] Fallback from IXFR/TSIG to SOA/AXFR/TSIG broken. @@ -14068,6 +14282,8 @@ Changes prior to 9.18.28 2207. [port] Some implementations of getaddrinfo() fail to set ai_canonname correctly. [RT #17061] +.. code-block:: none + --- 9.5.0a6 released --- 2206. [security] "allow-query-cache" and "allow-recursion" now @@ -14120,6 +14336,8 @@ Changes prior to 9.18.28 2194. [bug] Close journal before calling 'done' in xfrin.c. +.. code-block:: none + --- 9.5.0a5 released --- 2193. [port] win32: BINDInstall.exe is now linked statically. @@ -14191,6 +14409,8 @@ Changes prior to 9.18.28 2173. [port] win32: When compiling with MSVS 2005 SP1 we also need to ship Microsoft.VC80.MFCLOC. +.. code-block:: none + --- 9.5.0a4 released --- 2172. [bug] query_addsoa() was being called with a non zone db. @@ -14212,6 +14432,8 @@ Changes prior to 9.18.28 2167. [bug] When re-using a automatic zone named failed to attach it to the new view. [RT #16786] +.. code-block:: none + --- 9.5.0a3 released --- 2166. [bug] When running in batch mode, dig could misinterpret @@ -14240,6 +14462,8 @@ Changes prior to 9.18.28 2160. [bug] libisc wasn't handling NULL ifa_addr pointers returned from getifaddrs(). [RT #16708] +.. code-block:: none + --- 9.5.0a2 released --- 2159. [bug] Array bounds overrun in acache processing. [RT #16710] @@ -14345,6 +14569,8 @@ Changes prior to 9.18.28 2124. [security] It was possible to dereference a freed fetch context. [RT #16584] +.. code-block:: none + --- 9.5.0a1 released --- 2123. [func] Use Doxygen to generate internal documentation. @@ -15486,6 +15712,8 @@ Changes prior to 9.18.28 1750. [port] lib/bind/make/rules.in:subdirs was not bash friendly. [RT #12864] +.. code-block:: none + 1749. [bug] 'check-names response ignore;' failed to ignore. [RT #12866] @@ -16224,6 +16452,8 @@ Changes prior to 9.18.28 1500. [bug] host failed to lookup MX records. Also look up AAAA records. +.. code-block:: none + 1499. [bug] isc_random need to be seeded better if arc4random() is not used. @@ -16939,6 +17169,8 @@ Changes prior to 9.18.28 1250. [func] Nsupdate will report the address the update was sent to. +.. code-block:: none + 1249. [bug] Missing masters clause was not handled gracefully. [RT #2703] @@ -17861,6 +18093,8 @@ Changes prior to 9.18.28 change #953. win32 .make file for rndc-confgen updated to add include path for os.h header. +.. code-block:: none + --- 9.2.0rc1 released --- 955. [bug] When using views, the zone's class was not being @@ -17894,6 +18128,8 @@ Changes prior to 9.18.28 949. [bug] host was unable to print records larger than 512 bytes. [RT #1557] +.. code-block:: none + --- 9.2.0b2 released --- 948. [port] Integrated support for building on Windows NT / @@ -17927,6 +18163,8 @@ Changes prior to 9.18.28 940. [bug] Double zone locking failure on error path. [RT #1510] +.. code-block:: none + --- 9.2.0b1 released --- 939. [port] Add the --disable-linux-caps option to configure for @@ -17949,6 +18187,8 @@ Changes prior to 9.18.28 933. [bug] configure failed doing libbind on platforms not supported by BIND 8. [RT #1496] +.. code-block:: none + --- 9.2.0a3 released --- 932. [bug] Use INSTALL_SCRIPT, not INSTALL_PROGRAM, @@ -18061,6 +18301,8 @@ Changes prior to 9.18.28 bin/tests/system/ifconfig.sh now recognize the new string. +.. code-block:: none + --- 9.2.0a2 released --- 899. [bug] lib/dns/soa.c failed to compile on many platforms @@ -18212,6 +18454,8 @@ Changes prior to 9.18.28 851. [cleanup] The obsolete support-ixfr option was not properly ignored. +.. code-block:: none + --- 9.2.0a1 released --- 850. [bug] dns_rbt_findnode() would not find nodes that were @@ -18883,6 +19127,8 @@ Changes prior to 9.18.28 642. [bug] Break the exit_check() race in the zone module. [RT #598] +.. code-block:: none + --- 9.1.0b2 released --- 641. [bug] $GENERATE caused a uninitialized link to be used. @@ -19054,6 +19300,8 @@ Changes prior to 9.18.28 number of days, not seconds. This matches the documentation. [RT #529] +.. code-block:: none + --- 9.1.0b1 released --- 591. [bug] Work around non-reentrancy in openssl by disabling @@ -19678,6 +19926,8 @@ Changes prior to 9.18.28 400. [bug] SIG(0) signing and verifying was done incorrectly. [RT #249] +.. code-block:: none + 399. [bug] When reloading the server with a config file containing a syntax error, it could catch an assertion failure trying to perform zone @@ -20222,6 +20472,8 @@ Changes prior to 9.18.28 254. [bug] Suppress "query denied" messages on additional data lookups. +.. code-block:: none + --- 9.0.0b4 released --- 253. [func] resolv.conf parser now recognizes ';' and '#' as @@ -20409,6 +20661,8 @@ Changes prior to 9.18.28 201. [cleanup] Removed the test/sdig program, it has been replaced by bin/dig/dig. +.. code-block:: none + --- 9.0.0b3 released --- 200. [bug] Failures in sending query responses to clients @@ -21133,4 +21387,7 @@ Changes prior to 9.18.28 prevented the isc directory from being created if it didn't exist. +.. code-block:: none + --- 9.0.0b2 released --- +