From: Peter van Dijk Date: Wed, 3 May 2023 10:19:47 +0000 (+0200) Subject: auth-4.8.0-beta1: secpoll&docs X-Git-Tag: auth-4.8.0~10^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=90e26e1477a10dbd074ff841b9add3a432c3b80a;p=thirdparty%2Fpdns.git auth-4.8.0-beta1: secpoll&docs --- diff --git a/docs/changelog/4.8.rst b/docs/changelog/4.8.rst index 5724d2d60c..1894391210 100644 --- a/docs/changelog/4.8.rst +++ b/docs/changelog/4.8.rst @@ -1,6 +1,69 @@ Changelogs for 4.8.x ==================== +.. changelog:: + :version: 4.8.0-beta1 + :released: 3rd of May 2023 + + This is release 4.8.0-beta1 of the Authoritative Server. + + In 4.8, the LMDB backend gains a new Lightning Stream-compatible schema, which requires a data migration (this is automatic, and there is no migration back to the old schema). + LMDB backend users should pay extra attention to the :doc:`Upgrade Notes <../upgrading>`. + + `Lightning Stream `_ is an `open source `_ data syncer that allows multiple nodes to sync LMDB (Lightning Memory-Mapped Database) data to and from an S3 (compatible) bucket. This has particular advantages in distributed and/or large-scale applications (i.e. ~1 million records), making DNS replication much, much easier to manage. + + We are excited about how Lightning Stream simplifies running multiple distributed PowerDNS Authoritative servers, with full support for keeping record data and DNSSEC keys in sync, from multiple writers. + + 4.8.0-beta1 adds logic to deal with domains existing twice in the database when two Lightning Stream nodes manage to add it at the same time. It also contains a few other fixes, please see the list below. + + .. change:: + :tags: Bug Fixes + :pullreq: 12729 + + LMDB: handle duplicate domain existence consistently + + .. change:: + :tags: New Features + :pullreq: 12768 + + ixfrdist: add a per domain max-soa-refresh option + + .. change:: + :tags: Improvements + :pullreq: 12636 + + lmdb: handle lack of support for RRset comments better + + .. change:: + :tags: Bug Fixes + :pullreq: 12740 + + Pick the right signer name when a NSEC name is also a delegation point (Kees Monshouwer) + + .. change:: + :tags: New Features + :pullreq: 12669 + + LUA records: enhance ifportup() with lists of sets of addresses like ifurlup() + + .. change:: + :tags: Improvements + :pullreq: 12721 + + calm down the communicator loop (Kees Monshouwer) + + .. change:: + :tags: Bug Fixes + :pullreq: 12706 + + Fixes a typo in pdnsutil clear-zone help output (san983) + + .. change:: + :tags: Improvements + :pullreq: 12664 + + DNSRecord: Ensure that the content can be read or replaced, not edited + .. changelog:: :version: 4.8.0-alpha1 :released: 21st of March 2023 diff --git a/docs/secpoll.zone b/docs/secpoll.zone index 9ba2dde073..444c48830a 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023041700 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023050300 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -118,7 +118,8 @@ auth-4.7.1.security-status 60 IN TXT "1 OK" auth-4.7.2.security-status 60 IN TXT "1 OK" auth-4.7.3.security-status 60 IN TXT "1 OK" auth-4.7.4.security-status 60 IN TXT "1 OK" -auth-4.8.0-alpha1.security-status 60 IN TXT "1 Unsupported pre-release" +auth-4.8.0-alpha1.security-status 60 IN TXT "2 Unsupported pre-release (no known vulnerabilities)" +auth-4.8.0-beta1.security-status 60 IN TXT "1 Unsupported pre-release" ; Auth Debian auth-3.4.1-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"