mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-28 04:34:54 -04:00
52 lines
1.7 KiB
ReStructuredText
52 lines
1.7 KiB
ReStructuredText
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
..
|
|
.. SPDX-License-Identifier: MPL-2.0
|
|
..
|
|
.. This Source Code Form is subject to the terms of the Mozilla Public
|
|
.. License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
..
|
|
.. See the COPYRIGHT file distributed with this work for additional
|
|
.. information regarding copyright ownership.
|
|
|
|
Notes for BIND 9.20.16
|
|
----------------------
|
|
|
|
Bug Fixes
|
|
~~~~~~~~~
|
|
|
|
- Skip unsupported algorithms when looking for a signing key.
|
|
|
|
A mix of supported and unsupported DNSSEC algorithms in the same zone
|
|
could cause validation failures. Unsupported algorithms are now
|
|
ignored when looking for signing keys. :gl:`#5622`
|
|
|
|
- Fix :iscman:`dnssec-keygen` key collision checking for KEY RRtype
|
|
keys.
|
|
|
|
The :iscman:`dnssec-keygen` utility program failed to detect possible
|
|
KEY ID collisions with existing keys generated using the non-default
|
|
``-T KEY`` option (e.g., for ``SIG(0)``). This has been fixed.
|
|
:gl:`#5506`
|
|
|
|
- :iscman:`dnssec-verify` now uses exit code 1 when failing due to
|
|
illegal options.
|
|
|
|
Previously, :iscman:`dnssec-verify` exited with code 0 if the options
|
|
could not be parsed. This has been fixed. :gl:`#5574`
|
|
|
|
- Prevent assertion failures of :iscman:`dig` when a server is specified
|
|
before the ``-b`` option.
|
|
|
|
Previously, :iscman:`dig` could exit with an assertion failure when
|
|
a server was specified before the :option:`dig -b` option. This has
|
|
been fixed. :gl:`#5609`
|
|
|
|
- Skip buffer allocations if not logging.
|
|
|
|
Previously, we allocated a 2KB buffer for IXFR change logging,
|
|
regardless of the log level.
|
|
|
|
This results in a 28% speedup in some scenarios.
|
|
|
|
|