-@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023111000 10800 3600 604800 10800
+@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023120600 10800 3600 604800 10800
@ 3600 IN NS pdns-public-ns1.powerdns.com.
@ 3600 IN NS pdns-public-ns2.powerdns.com.
recursor-4.9.2.security-status 60 IN TXT "1 OK"
recursor-5.0.0-alpha1.security-status 60 IN TXT "2 Unsupported pre-release"
recursor-5.0.0-alpha2.security-status 60 IN TXT "2 Unsupported pre-release"
-recursor-5.0.0-beta1.security-status 60 IN TXT "1 Unsupported pre-release"
+recursor-5.0.0-beta1.security-status 60 IN TXT "2 Unsupported pre-release"
+recursor-5.0.0-rc1.security-status 60 IN TXT "1 Unsupported pre-release"
; Recursor Debian
recursor-3.6.2-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/"
Changelogs for 5.0.X
====================
+Before upgrading, it is advised to read the :doc:`../upgrade`.
+
+.. changelog::
+ :version: 5.0.0-rc1
+ :released: 6th of December 2023
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13557
+
+ Remove experimental warnings for YAML.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13507
+ :tickets: 13386
+
+ Disallow (by answering Refused) RD=0 by default.
+
+ .. change::
+ :tags: Bug Fixes
+ :pullreq: 13543
+ :tickets: 13542
+
+ A single NSEC3 record covering everything is a special case.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13434
+
+ Make syncres code clang-tidy.
+
+ .. change::
+ :tags: Bug Fixes
+ :pullreq: 13511
+ :tickets: 13463
+
+ Document outgoing querycounts better, including a small fix.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13501
+ :tickets: 12842
+
+ Introduce a setting to allow RPZ duplicates, including a dup handling fix.
+
+ .. change::
+ :tags: Bug Fixes
+ :pullreq: 13497
+ :tickets: 13483
+
+ Take into account throttled queries when determining if we had a cachehit.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13387
+
+ Update new b-root-server.net addresses in built-in hints.
+
+ .. change::
+ :tags: Bug Fixes
+ :pullreq: 13480
+ :tickets: 13467
+
+ Correctly apply outgoing.tcp_max_queries bound.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13478
+
+ Change default of nsec3-max-iterations to 50.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 13477
+
+ Warn if truncation occurred dumping the trace.
+
.. changelog::
:version: 5.0.0-beta1
:released: 10th of November 2023
The changelogs for the recursor are split between release trains.
+Before upgrading, it is advised to read the :doc:`../upgrade`.
+
.. toctree::
:maxdepth: 2
Rust
^^^^
Some parts of the Recursor code are now written in Rust.
-This has impact if you do local builds or are third-package maintainer.
+This has impact if you do local builds or are a third-party package maintainer.
According to `cargo msrv` the minimum version to compile the Rust code and its dependencies is 1.64.
Some distributions ship with an older Rust compiler, see `Rustup <https://rustup.rs/>`__ for a way to install a more recent one.
For our package builds, we install a Rust compiler from the ``Standalone`` section of `Other Rust Installation Methods <https://forge.rust-lang.org/infra/other-installation-methods.html>`__.
- The :ref:`setting-tcp-threads` setting has been introduced to set the number of threads dedicated to processing incoming queries over TCP.
Previously either the distributor thread(s) or the general worker threads would process TCP queries.
- The :ref:`setting-qname-max-minimize-count` and :ref:`setting-qname-minimize-one-label` have been introduced to allow tuning of the parameters specified in :rfc:`9156`.
+- The :ref:`setting-allow-no-rd` has been introduced, default disabled, *disallowing* queries that do not have the ``Recursion Desired (RD)`` flag set.
+ This is a change in behviour compared to previous releases.
+- The setting ``ignoreDuplicates`` was added to the RPZ loading Lua functions :func:`rpzPrimary` and :func:`rpzFile`.
+ If set, duplicate records in RPZs will be allowed but ignored.
+ The default is to fail loading an RPZ with duplicate records.
Changed settings
^^^^^^^^^^^^^^^^
- The :ref:`setting-loglevel` can now be set to a level below 3 (error).
- The :ref:`setting-extended-resolution-errors` now defaults to enabled.
+- The :ref:`setting-nsec3-max-iterations` now defaults to 50.
4.8.0 to 4.9.0
--------------
projects / thirdparty / pdns.git / commitdiff
