diff --git a/configure.ac b/configure.ac index 456ab4a9b5..1e10d5756b 100644 --- a/configure.ac +++ b/configure.ac @@ -16,7 +16,7 @@ # m4_define([bind_VERSION_MAJOR], 9)dnl m4_define([bind_VERSION_MINOR], 18)dnl -m4_define([bind_VERSION_PATCH], 6)dnl +m4_define([bind_VERSION_PATCH], 7)dnl m4_define([bind_VERSION_EXTRA], -dev)dnl m4_define([bind_DESCRIPTION], [(Stable Release)])dnl m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 198ba78f2a..59188df86e 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -9,7 +9,7 @@ .. See the COPYRIGHT file distributed with this work for additional .. information regarding copyright ownership. -Notes for BIND 9.18.6 +Notes for BIND 9.18.7 --------------------- Security Fixes @@ -35,38 +35,9 @@ Removed Features Feature Changes ~~~~~~~~~~~~~~~ -- DNSSEC ``RSASHA1`` and ``NSEC3RSASHA1`` are automatically disabled - on systems (e.g. RHEL9) where they are disallowed by the security - policy. Primary zones using those algorithms need to be moved - off of them prior to running on these systems as graceful migration - to different DNSSEC algorithms is not possible when RSASHA1 is - disallowed by the OS. :gl:`#3469` - -- Fetch limit log messages have been improved to provide more complete - information. Specifically, the final values of allowed and spilled fetches - will now be logged before the counter object gets destroyed. :gl:`#3461` +- None. Bug Fixes ~~~~~~~~~ -- When running as a validating resolver forwarding all queries to - another resolver, :iscman:`named` could crash with an assertion - failure. These crashes occurred when the configured forwarder sent a - broken DS response and :iscman:`named` failed its attempts to find a - proper one instead. This has been fixed. :gl:`#3439` - -- Non-dynamic zones that inherit dnssec-policy from the view or - options level were not marked as inline-signed, and thus were never - scheduled to be re-signed. This is now fixed. :gl:`#3438` - -- The old ``max-zone-ttl`` zone option was meant to be superseded by - the ``max-zone-ttl`` option in ``dnssec-policy``; however, the latter - option was not fully effective. This has been corrected: zones will - not load if they contain TTLs greater than the limit configured in - ``dnssec-policy``. In zones with both the old ``max-zone-ttl`` - option and ``dnssec-policy`` configured, the old option will be - ignored, and a warning will be generated. :gl:`#2918` - -- Fix `rndc dumpdb -expired` to include expired RRsets, even if the cache - cleaning time window has passed. This will now show expired RRsets that are - stuck in the cache. :gl:`#3462` +- None.