mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-09 07:22:08 -04:00
Merge branch 'mnowak/set-up-version-and-release-notes-for-bind-9.19.18' into 'main'
Set up version and release notes for BIND 9.19.18 See merge request isc-projects/bind9!8291
This commit is contained in:
Michal Nowak
commit
d78a3774e2
2 changed files with 6 additions and 46 deletions
|
|
@ -16,7 +16,7 @@
|
|||
#
|
||||
m4_define([bind_VERSION_MAJOR], 9)dnl
|
||||
m4_define([bind_VERSION_MINOR], 19)dnl
|
||||
m4_define([bind_VERSION_PATCH], 17)dnl
|
||||
m4_define([bind_VERSION_PATCH], 18)dnl
|
||||
m4_define([bind_VERSION_EXTRA], -dev)dnl
|
||||
m4_define([bind_DESCRIPTION], [(Development Release)])dnl
|
||||
m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@
|
|||
.. See the COPYRIGHT file distributed with this work for additional
|
||||
.. information regarding copyright ownership.
|
||||
|
||||
Notes for BIND 9.19.17
|
||||
Notes for BIND 9.19.18
|
||||
----------------------
|
||||
|
||||
Security Fixes
|
||||
|
|
@ -20,62 +20,22 @@ Security Fixes
|
|||
New Features
|
||||
~~~~~~~~~~~~
|
||||
|
||||
- Add support for User Statically Defined Tracing (USDT) probes - static tracing
|
||||
points for user-level software. This allows a fine-grained application
|
||||
tracing with zero-overhead when the probes are not enabled. :gl:`#4041`
|
||||
- None.
|
||||
|
||||
Removed Features
|
||||
~~~~~~~~~~~~~~~~
|
||||
|
||||
- The :any:`dnssec-must-be-secure` option has been deprecated and will be
|
||||
removed in a future release. :gl:`#4263`
|
||||
- None.
|
||||
|
||||
Feature Changes
|
||||
~~~~~~~~~~~~~~~
|
||||
|
||||
- Make :iscman:`nsupdate` honor the ``-v`` option for SOA queries, that is send
|
||||
the request over TCP, only if the server is specified. :gl:`#1181`
|
||||
|
||||
- Extend client side support for the EDNS EXPIRE option to IXFR and
|
||||
AXFR query types. ``named`` will now be making EDNS queries AXFR
|
||||
and IXFR queries with EDNS options present. :gl:`#4170`
|
||||
|
||||
- Compiling with jemalloc versions older than 4.0.0 is no longer supported;
|
||||
those versions do not provide the features required by current BIND 9
|
||||
releases. :gl:`#4296`
|
||||
- None.
|
||||
|
||||
Bug Fixes
|
||||
~~~~~~~~~
|
||||
|
||||
- The value of If-Modified-Since header in statistics channel was not checked
|
||||
for length leading to possible buffer overflow by an authorized user. We
|
||||
would like to emphasize that statistics channel must be properly setup to
|
||||
allow access only from authorized users of the system. :gl:`#4124`
|
||||
|
||||
This issue was reported independently by Eric Sesterhenn of X41 D-SEC and
|
||||
Cameron Whitehead.
|
||||
|
||||
- The value of Content-Length header in statistics channel was not
|
||||
bound checked and negative or large enough value could lead to
|
||||
overflow and assertion failure. :gl:`#4125`
|
||||
|
||||
This issue was reported by Eric Sesterhenn of X41 D-SEC.
|
||||
|
||||
- Address memory leaks due to not clearing OpenSSL error stack. :gl:`#4159`
|
||||
|
||||
This issue was reported by Eric Sesterhenn of X41 D-SEC.
|
||||
|
||||
- Following the introduction of krb5-subdomain-self-rhs and
|
||||
ms-subdomain-self-rhs update rules, removal of nonexistent PTR
|
||||
and SRV records via UPDATE could fail. This has been fixed. :gl:`#4280`
|
||||
|
||||
- The value of :any:`stale-refresh-time` was set to zero after ``rndc flush``.
|
||||
This has been fixed. :gl:`#4278`
|
||||
|
||||
- BIND could consume more memory than it needs. That has been fixed by
|
||||
using specialised jemalloc memory arenas dedicated to sending buffers. It
|
||||
allowed us to optimize the process of returning memory pages back to
|
||||
the operating system. :gl:`#4038`
|
||||
- None.
|
||||
|
||||
Known Issues
|
||||
~~~~~~~~~~~~
|
||||
|
|
|
|||
Loading…
Reference in a new issue