From 04310d5005d7816e2285835e341d9c8cf14f9aa0 Mon Sep 17 00:00:00 2001 From: Peter van Dijk Date: Fri, 25 Jun 2021 09:37:53 +0200 Subject: [PATCH] auth-4.5.0-rc1: secpoll&docs --- docs/changelog/4.5.rst | 69 ++++++++++++++++++++++++++++++++++++++++++ docs/secpoll.zone | 5 +-- 2 files changed, 72 insertions(+), 2 deletions(-) diff --git a/docs/changelog/4.5.rst b/docs/changelog/4.5.rst index 59a2443a12..d5691272d8 100644 --- a/docs/changelog/4.5.rst +++ b/docs/changelog/4.5.rst @@ -1,6 +1,75 @@ Changelogs for 4.5.x ==================== +.. changelog:: + :version: 4.5.0-rc1 + :released: 25th of June 2021 + + This is the first release candidate for version 4.5.0 of the Authoritative Server. + This release contains a ton of improvements and bug fixes compared to 4.4, but very few user visible changes. + + The one notable feature is the 'zone cache', which allows PowerDNS to keep a list of zones in memory, updated periodically. + With this cache, PowerDNS can avoid hitting the database with queries for unknown domains. + In some setups, and some attack scenarios, this can make a serious performance difference. + + Since 4.5.0-beta1, the zone cache is enabled by default. + + Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. + + .. change:: + :tags: Bug Fixes + :pullreq: 10522 + + SVCB additional processing: delay inserts to avoid invalidating iterator; do not chase chains outside of zone + + .. change:: + :tags: Improvements + :pullreq: 10514 + + 2136: allow placing DNSKEY/CDS/CDNSKEY regardless of direct-dnskey setting + + .. change:: + :tags: Bug Fixes + :pullreq: 10513 + + pdnsutil edit-zone: correctly reask inc-serial question + + .. change:: + :tags: Improvements + :pullreq: 10512 + + pdnsutil add-autoprimary: print error when exiting with 1 + + .. change:: + :tags: Bug Fixes + :pullreq: 10511 + + SVCB: on parse error, throw instead of truncate + + .. change:: + :tags: Bug Fixes + :pullreq: 10510 + + SVCB: Fix auto hints removing non-auto hints + + .. change:: + :tags: Improvements + :pullreq: 10509 + + pdnsutil create-zone: better error if default-soa-content is broken + + .. change:: + :tags: Improvements + :pullreq: 10373 + + pdnsutil add-zone-key: clarify ZSK default + + .. change:: + :tags: New Features + :pullreq: 9474 + + newCAFromRaw(): create ComboAddress from raw 4/16 byte strings, plus test + .. changelog:: :version: 4.5.0-beta1 :released: 9th of June 2021 diff --git a/docs/secpoll.zone b/docs/secpoll.zone index 5e6121e9eb..e89e30d1da 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. pieter\.lexis.powerdns.com. 2021060901 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. pieter\.lexis.powerdns.com. 2021062501 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -79,7 +79,8 @@ auth-4.4.0-rc1.security-status 60 IN TXT "2 Unsupported auth-4.4.0.security-status 60 IN TXT "1 OK" auth-4.4.1.security-status 60 IN TXT "1 OK" auth-4.5.0-alpha1.security-status 60 IN TXT "2 Unsupported pre-release (no known vulnerabilities)" -auth-4.5.0-beta1.security-status 60 IN TXT "1 OK" +auth-4.5.0-beta1.security-status 60 IN TXT "2 Unsupported pre-release (no known vulnerabilities)" +auth-4.5.0-rc1.security-status 60 IN TXT "1 OK" ; Auth Debian auth-3.4.1-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/" -- 2.47.2