upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-09 17:50:52 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/doc/notes/notes-9.17.7.rst
Ondřej Surý 58bd26b6cf Update the copyright information in all files in the repository 
This commit converts the license handling to adhere to the REUSE
specification.  It specifically:

1. Adds used licnses to LICENSES/ directory

2. Add "isc" template for adding the copyright boilerplate

3. Changes all source files to include copyright and SPDX license
   header, this includes all the C sources, documentation, zone files,
   configuration files.  There are notes in the doc/dev/copyrights file
   on how to add correct headers to the new files.

4. Handle the rest that can't be modified via .reuse/dep5 file.  The
   binary (or otherwise unmodifiable) files could have license places
   next to them in <foo>.license file, but this would lead to cluttered
   repository and most of the files handled in the .reuse/dep5 file are
   system test files.
2022-01-11 09:05:02 +01:00

65 lines
2.6 KiB
ReStructuredText
Raw Blame History

.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
..
.. SPDX-License-Identifier: MPL-2.0
..
.. This Source Code Form is subject to the terms of the Mozilla Public
.. License, v. 2.0. If a copy of the MPL was not distributed with this
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
..
.. See the COPYRIGHT file distributed with this work for additional
.. information regarding copyright ownership.
Notes for BIND 9.17.7
---------------------
New Features
~~~~~~~~~~~~
- Support for DNS over TLS (DoT) has been added: the ``dig`` tool is now
able to send DoT queries (``+tls`` option) and ``named`` can handle
DoT queries (``listen-on tls ...`` option). ``named`` can use either a
certificate provided by the user or an ephemeral certificate generated
automatically upon startup. :gl:`#1840`
- A new configuration option, ``stale-refresh-time``, has been
introduced. It allows a stale RRset to be served directly from cache
for a period of time after a failed lookup, before a new attempt to
refresh it is made. :gl:`#2066`
Feature Changes
~~~~~~~~~~~~~~~
- The ``dig``, ``host``, and ``nslookup`` tools have been converted to
use the new network manager API rather than the older ISC socket API.
As a side effect of this change, the ``dig +unexpected`` option no
longer works. This could previously be used to diagnose broken servers
or network configurations by listening for replies from servers other
than the one that was queried. With the new API, such answers are
filtered before they ever reach ``dig``, so the option has been
removed. :gl:`#2140`
- The network manager API is now used by ``named`` to send zone transfer
requests. :gl:`#2016`
Bug Fixes
~~~~~~~~~
- ``named`` could crash with an assertion failure if a TCP connection
were closed while a request was still being processed. :gl:`#2227`
- ``named`` acting as a resolver could incorrectly treat signed zones
with no DS record at the parent as bogus. Such zones should be treated
as insecure. This has been fixed. :gl:`#2236`
- After a Negative Trust Anchor (NTA) is added, BIND performs periodic
checks to see if it is still necessary. If BIND encountered a failure
while creating a query to perform such a check, it attempted to
dereference a ``NULL`` pointer, resulting in a crash. :gl:`#2244`
- A problem obtaining glue records could prevent a stub zone from
functioning properly, if the authoritative server for the zone were
configured for minimal responses. :gl:`#1736`
- ``UV_EOF`` is no longer treated as a ``TCP4RecvErr`` or a
``TCP6RecvErr``. :gl:`#2208`
Reference in a new issue View git blame Copy permalink