auth-4.7.0: secpoll and docs

diff --git a/docs/changelog/4.7.rst b/docs/changelog/4.7.rst
index 117aeb54b3a13ec632a568dc9bf3658c68353db7..1a7639aca728b74cc1b6085e3a706a0c0d2a7e0f 100644 (file)
--- a/docs/changelog/4.7.rst
+++ b/docs/changelog/4.7.rst
@@ -1,6 +1,49 @@
 Changelogs for 4.7.x
 ====================
 
+.. changelog::
+  :version: 4.7.0
+  :released: 20th of October 2022
+
+  This is version 4.7.0 of the Authoritative Server.
+
+  4.7.0 brings support for :doc:`Catalog Zones <../catalog>`, developed by Kees Monshouwer.
+  As part of that development, the freshness checks in the Primary code were reworked, reducing them from doing potentially thousands of SQL queries (if you have thousands of domains) to only a few.
+  Installations with lots of domains will benefit greatly from this, even without using catalog zones.
+
+  4.7.0 also brings back GSS-TSIG support, previously removed for quality reasons, now reworked with many stability improvements.
+
+  Other things of note:
+
+  * LUA records, when queried over TCP, can now re-use a Lua state, giving a serious performance boost.
+  * lmdbbackend databases now get a UUID assigned, making it easy for external software to spot if a database was completely replaced
+  * lmdbbackend databases now optionally use random IDs for objects
+  * a new LUA function called ``ifurlextup``, and improvements in other LUA record functions
+  * autoprimary management in ``pdnsutil`` and the HTTP API
+  * in beta, a key roller daemon, currently not packaged
+
+  Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading.
+
+  Besides that, various other smaller features and improvements have landed - please browse the list below.
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12069
+
+    Fix compilation of the event ports multiplexer (Jonathan Perkin)
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 12085
+
+    pdnsutil check-zone, skip metadata check for backends without getAllDomainMetadata() (Kees Monshouwer)
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12098
+
+    fix axfr for tinydns and pipe backend (Kees Monshouwer). Note that this was only broken since 4.7.0-beta2.
+
 .. changelog::
   :version: 4.7.0-rc1
   :released: 3rd of October 2022

diff --git a/docs/secpoll.zone b/docs/secpoll.zone
index 082a52bbcea6154f6994bf9beb94cc1fb773741c..527f454d18a920716a982b35a74044b93275e94f 100644 (file)
--- a/docs/secpoll.zone
+++ b/docs/secpoll.zone
@@ -1,4 +1,4 @@
-@       86400   IN  SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2022100501 10800 3600 604800 10800
+@       86400   IN  SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2022102001 10800 3600 604800 10800
 @       3600    IN  NS  pdns-public-ns1.powerdns.com.
 @       3600    IN  NS  pdns-public-ns2.powerdns.com.
 
@@ -110,7 +110,8 @@ auth-4.6.2.security-status                              60 IN TXT "1 OK"
 auth-4.6.3.security-status                              60 IN TXT "1 OK"
 auth-4.7.0-alpha1.security-status                       60 IN TXT "3 Unsupported pre-release (known vulnerabilities)"
 auth-4.7.0-beta2.security-status                        60 IN TXT "3 Unsupported pre-release"
-auth-4.7.0-rc1.security-status                          60 IN TXT "1 Unsupported pre-release"
+auth-4.7.0-rc1.security-status                          60 IN TXT "3 Unsupported pre-release"
+auth-4.7.0.security-status                              60 IN TXT "1 OK"
 
 ; Auth Debian
 auth-3.4.1-2.debian.security-status                     60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"