Commit graph

3157 commits

Author SHA1 Message Date
Ondřej Surý
1af9f28301
Document that non-IN RR class issues are out of CVE scope
CVE-2026-5946 covered assertion failures reachable only through the
handling of resource record classes other than Internet (IN).
Configuring zones or views with such classes is a supported feature;
document in the security assumptions that problems reachable only
through it cannot be the basis for CVE assignment.

Closes #5805

Assisted-by: Claude:claude-opus-4-8
(cherry picked from commit fc06f799dc)
2026-07-01 13:13:48 +02:00
Ondřej Surý
173255127f Add the tcp-reuse-timeout option
The idle timeout that bounds how long a reused outgoing TCP/TLS
connection is held open for reuse was only tunable through the 'named -T
tcpidletimeout' developer hook added earlier on this branch. Make it a
proper configuration option, tcp-reuse-timeout (options block, in units
of 100 milliseconds like the other tcp-*-timeout options), and drop the
-T hook.

(cherry picked from commit 477130cf8e)
2026-06-25 11:37:51 +02:00
Michal Nowak
c2b901d5e5 Add Alpine Linux 3.24
(cherry picked from commit 774a9661fc)
2026-06-24 18:06:47 +02:00
Nicki Křížek
3b7312e2c0 Prepare release notes for BIND 9.20.24 2026-06-08 10:26:37 +02:00
Nicki Křížek
7db4b5f214 Generate changelog for BIND 9.20.24 2026-06-08 10:25:51 +02:00
Michal Nowak
ad3ac34b2b Ignore gitlab.gnome.org links in Sphinx linkcheck
GNOME GitLab returns HTTP 406 to Sphinx's linkcheck requests, the
same behavior already worked around for gitlab.isc.org.

Assisted-by: Claude:claude-opus-4-7
(cherry picked from commit 2850dc9d71)
2026-05-27 09:21:41 +00:00
Michal Nowak
f66eee3128 Add Fedora 44
(cherry picked from commit 175b4f1711)
2026-05-21 07:53:38 +02:00
Andoni Duarte
3d293e2a1e Merge tag 'v9.20.23' into bind-9.20 2026-05-20 10:18:28 +00:00
Michal Nowak
faa4d5dafc
Add Ubuntu 26.04 Resolute Raccoon
(cherry picked from commit 14457ec326)
2026-05-11 18:39:13 +02:00
Andoni Duarte Pintado
6a65bf467b Prepare release notes for BIND 9.20.23 2026-05-08 11:55:07 +02:00
Andoni Duarte Pintado
79f71827d0 Generate changelog for BIND 9.20.23 2026-05-08 11:55:06 +02:00
Michal Nowak
bd5dd326cc
Prepare release notes for BIND 9.20.22 2026-03-31 17:33:57 +02:00
Michal Nowak
dfc2610057
Generate changelog for BIND 9.20.22 2026-03-31 17:33:09 +02:00
Michał Kępień
b040b566fe Merge tag 'v9.20.21' into bind-9.20 2026-03-25 14:24:13 +00:00
Michal Nowak
0916964885
pkcs11-provider project has new home
(cherry picked from commit bf56489c45)
2026-03-25 12:09:13 +01:00
Michal Nowak
7294940f3f Set User-Agent for Sphinx to fix gitlab.gnome.org
The linkcheck started to fail because of a new check on gitlab.gnome.org
that now forbids Sphinx User-Agent, returnin 406 HTTP status.

    (       chapter10: line  115) broken    https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home - 406 Client Error: Not Acceptable for url: https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home

(cherry picked from commit 617471d85d)
2026-03-25 10:26:31 +00:00
Michał Kępień
a6aae97118
Prepare release notes for BIND 9.20.21 2026-03-13 21:33:25 +01:00
Michał Kępień
826a224012
Generate changelog for BIND 9.20.21 2026-03-13 21:33:25 +01:00
Ondřej Surý
22aa753e8c Expand blackhole description
Clarify the behavior of negated addresses within the `blackhole`
statement to prevent common configuration misunderstandings.

(cherry picked from commit 2b23c7011e)
2026-03-12 01:09:03 +00:00
Michał Kępień
140d817e13
Prepare release notes for BIND 9.20.20 2026-02-26 21:29:38 +01:00
Michał Kępień
833316c29f
Generate changelog for BIND 9.20.20 2026-02-26 21:29:38 +01:00
Štěpán Balážik
5fc2b9b2f3 Remove superfluous 'pylint: disable' directives
Some of these have been fixed already, fix the rest.

(cherry picked from commit 08f5e5ebd1)
2026-02-25 13:33:25 +01:00
Štěpán Balážik
746ca1d481 Automatically sort imports in Python code
Generated with: ruff check --extend-select I --fix (with the changes to
pyproject.toml applied).

(cherry picked from commit ffd5b6ac26)
2026-02-25 13:33:20 +01:00
Štěpán Balážik
a2cdf5d8cd Lint code in doc directory
Adjust ignore lists of linters to check more code.

(cherry picked from commit 0fb7403ef4)
2026-02-25 13:15:05 +01:00
Petr Špaček
2804c4a35e Prepare release notes for BIND 9.20.19 2026-02-04 14:40:59 +01:00
Petr Špaček
0503d77b8f Generate changelog for BIND 9.20.19 2026-02-04 14:40:21 +01:00
Nicki Křížek
bf303c793e Apply black formatting changes
Generated by black 26.1.0 which got updated in CI.
2026-01-21 22:39:09 +01:00
Nicki Křížek
64c46390cc Prepare release notes for BIND 9.20.18 2026-01-09 13:22:28 +01:00
Nicki Křížek
2ab0a44336 Generate changelog for BIND 9.20.18 2026-01-08 16:12:53 +01:00
Michal Nowak
0a55f28bc8
Add FreeBSD 15.0
(cherry picked from commit 282f87461b)
2026-01-06 22:47:09 +01:00
Andoni Duarte
59946fce4c Merge tag 'v9.20.17' into bind-9.20 2025-12-17 15:33:14 +00:00
Andoni Duarte Pintado
f8aae78496 Prepare release notes for BIND 9.20.17 2025-12-09 18:33:22 +01:00
Andoni Duarte Pintado
6222bf35fc Generate changelog for BIND 9.20.17 2025-12-09 18:33:21 +01:00
Michal Nowak
2a5863af5a Add Alpine Linux 3.23
(cherry picked from commit 492256643d)
2025-12-09 13:30:54 +01:00
Evan Hunt
2d18b0da46 correct a double negative in the padding doc
`padding` is incompatible with TSIG and SIG(0), not with "no" TSIG
and SIG(0).

(cherry picked from commit d054741d92)
2025-12-05 22:32:07 +00:00
Matthijs Mekking
1d2d23549d Fix sig-signing-* duplicate documentation
(cherry picked from commit c3951cdec0)
2025-12-05 10:53:31 +00:00
Michal Nowak
867fd320a1
Add Fedora 43
(cherry picked from commit 350c3a9a19)
2025-11-27 17:12:24 +01:00
Andoni Duarte Pintado
fc2a620b10 Update wiki.wireshark.org link in doc/arm
Fix the broken link https://wiki.wireshark.org/TLS#tls-decryption.
Since their TOC also has the wrong anchor, we remove it altogether,
i.e. https://wiki.wireshark.org/TLS.

(cherry picked from commit fe98568be6)
2025-11-27 09:42:52 +01:00
Michal Nowak
9f1a1602d7
Prepare release notes for BIND 9.20.16 2025-11-06 19:26:23 +01:00
Michal Nowak
78148b11f1
Generate changelog for BIND 9.20.16 2025-11-06 19:24:45 +01:00
Michał Kępień
064dbdffca
Prepare release notes for BIND 9.20.15 2025-10-18 09:49:32 +02:00
Michał Kępień
5ce20ea209
Prepare changelog for BIND 9.20.15 2025-10-18 09:49:32 +02:00
Michał Kępień
45b4fac602
Prepare release notes for BIND 9.20.14 2025-10-02 18:13:26 +02:00
Michał Kępień
921061aaeb
Generate changelog for BIND 9.20.14 2025-10-02 18:13:26 +02:00
Mark Andrews
a266f329e9
Retry lookups with unsigned DNAME over TCP
To prevent spoofed unsigned DNAME responses being accepted retry
response with unsigned DNAMEs over TCP if the response is not TSIG
signed or there isn't a good DNS CLIENT COOKIE.

(cherry picked from commit 2e40705c06)
2025-10-02 12:58:54 +02:00
Mark Andrews
3ddf4e957b Make it clearer that disable-algorithms applies to zone names
(cherry picked from commit 28848ab578)
2025-09-29 11:16:24 +10:00
Andoni Duarte
4e92403ab6 Merge branch 'bind-9.20' into 'v9.20.13-release'
# Conflicts:
#   configure.ac
2025-09-12 06:52:40 +00:00
Petr Špaček
5ae34607ac Prevent Sphinx from messing up syntax with "smartquotes" feature
Sphinx's smartquotes feature was rewriting -- to en-dash, "" to proper
English quotes etc. This was messing up syntax at unpredictable places.
Disable this feature instead of attempting to escape all the places in
the manual.

(cherry picked from commit 66e58d3315)
2025-09-11 11:18:41 +00:00
Petr Špaček
2f2c312c4f Reorder appendices in ARM
The new order hopefully reflects likelihood of someone reading from start
to the end:

DNSSEC Guide
Manual Pages
General DNS Reference Information
Release Notes
Changelog
A Brief History of the DNS and BIND

(cherry picked from commit ed0db245be)
2025-09-11 11:18:41 +00:00
Petr Špaček
8a542e3a37 Prepare release notes for BIND 9.20.13 2025-09-04 18:01:20 +02:00