From 74a579cadd05ed411993e0a77d05f5abdd92b604 Mon Sep 17 00:00:00 2001 From: Peter van Dijk Date: Wed, 9 Jun 2021 10:50:25 +0200 Subject: [PATCH] auth-4.5.0-beta1: docs+secpoll --- .github/actions/spell-check/expect.txt | 1 + docs/changelog/4.5.rst | 39 ++++++++++++++++++++++++++ docs/secpoll.zone | 5 ++-- docs/upgrading.rst | 2 +- 4 files changed, 44 insertions(+), 3 deletions(-) diff --git a/.github/actions/spell-check/expect.txt b/.github/actions/spell-check/expect.txt index df7c6d79bd..e8045650af 100644 --- a/.github/actions/spell-check/expect.txt +++ b/.github/actions/spell-check/expect.txt @@ -470,6 +470,7 @@ ebpf ebpfblocklist ECCN ecdsa +ech econds ECONNRESET ecs diff --git a/docs/changelog/4.5.rst b/docs/changelog/4.5.rst index c858308b06..59a2443a12 100644 --- a/docs/changelog/4.5.rst +++ b/docs/changelog/4.5.rst @@ -1,6 +1,45 @@ Changelogs for 4.5.x ==================== +.. changelog:: + :version: 4.5.0-beta1 + :released: 9th of June 2021 + + This is version 4.5.0-beta1 of the Authoritative Server. + This release contains a ton of improvements and bug fixes compared to 4.4, but very few user visible changes. + + The one notable feature is the 'zone cache', which allows PowerDNS to keep a list of zones in memory, updated periodically. + With this cache, PowerDNS can avoid hitting the database with queries for unknown domains. + In some setups, and some attack scenarios, this can make a serious performance difference. + + In beta1, the zone cache is enabled by default. + + Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. + + .. change:: + :tags: New Features + :pullreq: 10463 + + LUA records: add filterForward function, to limit the scope of createForward[6] + + .. change:: + :tags: New Features + :pullreq: 10454 + + add/fix getAllDomains() and enable the zone cache by default (Kees Monshouwer) + + .. change:: + :tags: Improvements + :pullreq: 10461 + + simplify createDomain() (Kees Monshouwer) + + .. change:: + :tags: Improvements + :pullreq: 10342 + + SVCB: rename echconfig to ech and add test vectors from draft + .. changelog:: :version: 4.5.0-alpha1 :released: 27th of May 2021 diff --git a/docs/secpoll.zone b/docs/secpoll.zone index 1dfb33ee7c..5e6121e9eb 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. pieter\.lexis.powerdns.com. 2021060900 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. pieter\.lexis.powerdns.com. 2021060901 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -78,7 +78,8 @@ auth-4.4.0-beta1.security-status 60 IN TXT "2 Unsupported auth-4.4.0-rc1.security-status 60 IN TXT "2 Unsupported pre-release (no known vulnerabilities)" auth-4.4.0.security-status 60 IN TXT "1 OK" auth-4.4.1.security-status 60 IN TXT "1 OK" -auth-4.5.0-alpha1.security-status 60 IN TXT "1 OK" +auth-4.5.0-alpha1.security-status 60 IN TXT "2 Unsupported pre-release (no known vulnerabilities)" +auth-4.5.0-beta1.security-status 60 IN TXT "1 OK" ; Auth Debian auth-3.4.1-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/" diff --git a/docs/upgrading.rst b/docs/upgrading.rst index e1fc820cd0..76dea765f9 100644 --- a/docs/upgrading.rst +++ b/docs/upgrading.rst @@ -54,7 +54,7 @@ Removed options ~~~~~~~~~~~~~~~ - :ref:`setting-local-ipv6` has been removed. IPv4 and IPv6 listen addresses should now be set with :ref:`setting-local-address`. -Starting with auth-4.5.0-alpha2: +Starting with auth-4.5.0-beta1: - The default value of the ``zone-cache-refresh-interval`` option has been changed from ``0`` to ``300``. -- 2.47.2