From: Otto Moerbeek Date: Mon, 13 May 2024 08:47:43 +0000 (+0200) Subject: rec: prep for 20240514 releases X-Git-Tag: rec-5.1.0-alpha1^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6100c4aa5d95b6a0bade3d991cd3406c40a46511;p=thirdparty%2Fpdns.git rec: prep for 20240514 releases --- diff --git a/docs/secpoll.zone b/docs/secpoll.zone index e2ef359a8b..041dbb62e2 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2024051301 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2024051401 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -361,6 +361,7 @@ recursor-4.8.5.security-status 60 IN TXT "3 Upgrade now recursor-4.8.6.security-status 60 IN TXT "1 OK" recursor-4.8.7.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html" recursor-4.8.8.security-status 60 IN TXT "1 OK" +recursor-4.8.9.security-status 60 IN TXT "1 OK" recursor-4.9.0-alpha1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" recursor-4.9.0-beta1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" recursor-4.9.0-rc1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" @@ -370,6 +371,7 @@ recursor-4.9.2.security-status 60 IN TXT "3 Upgrade now recursor-4.9.3.security-status 60 IN TXT "1 OK" recursor-4.9.4.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html" recursor-4.9.5.security-status 60 IN TXT "1 OK" +recursor-4.9.6.security-status 60 IN TXT "1 OK" recursor-5.0.0-alpha1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" recursor-5.0.0-alpha2.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" recursor-5.0.0-beta1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" @@ -380,6 +382,7 @@ recursor-5.0.1.security-status 60 IN TXT "3 Upgrade now recursor-5.0.2.security-status 60 IN TXT "1 OK" recursor-5.0.3.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html" recursor-5.0.4.security-status 60 IN TXT "1 OK" +recursor-5.0.5.security-status 60 IN TXT "1 OK" ; Recursor Debian recursor-3.6.2-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/" diff --git a/pdns/recursordist/docs/changelog/4.8.rst b/pdns/recursordist/docs/changelog/4.8.rst index 2db6b78bcb..41e6bc75c4 100644 --- a/pdns/recursordist/docs/changelog/4.8.rst +++ b/pdns/recursordist/docs/changelog/4.8.rst @@ -2,12 +2,30 @@ Changelogs for 4.8.X ==================== .. changelog:: - :version: 4.8.8 + :version: 4.8.9 + :released: 14 of May 2024 + + .. change:: + :tags: Bug Fixes + :pullreq: 14095 + :tickets: 14049 + + Do not count RRSIGs using unsupported algorithms toward RRSIGs limit. + + .. change:: + :tags: Bug Fixes + :pullreq: 13996 + :tickets: 13984 + + Correctly count NSEC3s considered when chasing the closest encloser. + +.. changelog:: + :version: 4.8.8 :released: 24th of April 2024 .. change:: :tags: Bug Fixes - :pullreq: + :pullreq: 14110 `Security advisory 2024-02 `__: CVE-2024-25583 diff --git a/pdns/recursordist/docs/changelog/4.9.rst b/pdns/recursordist/docs/changelog/4.9.rst index f5cd47d859..a6e6ddb142 100644 --- a/pdns/recursordist/docs/changelog/4.9.rst +++ b/pdns/recursordist/docs/changelog/4.9.rst @@ -2,12 +2,43 @@ Changelogs for 4.9.X ==================== .. changelog:: - :version: 4.9.5 + :version: 4.9.6 + :released: 14th of May 2024 + + .. change:: + :tags: Bug Fixes + :pullreq: 14093 + :tickets: 14049 + + Do not count RRSIGs using unsupported algorithms toward RRSIGs limit. + + .. change:: + :tags: Bug Fixes + :pullreq: 13995 + :tickets: 13984 + + Correctly count NSEC3s considered when chasing the closest encloser. + + .. change:: + :tags: Bug Fixes + :pullreq: 13994 + :tickets: 13926 + + Fix trace=fail regression and add regression test for it. + + .. change:: + :tags: Improvements + :pullreq: 13993 + + Only print Docker config if debug flag is set. + +.. changelog:: + :version: 4.9.5 :released: 24th of April 2024 .. change:: :tags: Bug Fixes - :pullreq: + :pullreq: 14109 `Security advisory 2024-02 `__: CVE-2024-25583 diff --git a/pdns/recursordist/docs/changelog/5.0.rst b/pdns/recursordist/docs/changelog/5.0.rst index c4081578a4..bad1a8108b 100644 --- a/pdns/recursordist/docs/changelog/5.0.rst +++ b/pdns/recursordist/docs/changelog/5.0.rst @@ -4,12 +4,58 @@ Changelogs for 5.0.X Before upgrading, it is advised to read the :doc:`../upgrade`. .. changelog:: - :version: 5.0.4 + :version: 5.0.5 + :released: 14th of May 2024 + + .. change:: + :tags: Bug Fixes + :pullreq: 14091 + :tickets: 14049 + + Do not count RRSIGs using unsupported algorithms toward RRSIGs limit. + + .. change:: + :tags: Bug Fixes + :pullreq: 13992 + :tickets: 13984 + + Correctly count NSEC3s considered when chasing the closest encloser. + + .. change:: + :tags: Bug Fixes + :pullreq: 13991 + :tickets: 13966 + + Let NetmaskGroup parse dont-throttle-netmasks, allowing negations. + + .. change:: + :tags: Bug Fixes + :pullreq: 13990 + :tickets: 13947 + + Fix types of two YAML settings (incoming.edns_padding_from, incoming.proxy_protocol_from) that should be sequences of subnets. + + .. change:: + :tags: Bug Fixes + :pullreq: 13989 + :tickets: 13926 + + Fix trace=fail regression and add regression test for it. + + .. change:: + :tags: Improvements + :pullreq: 13988 + :tickets: 13849 + + Only print Docker config if debug flag is set. + +.. changelog:: + :version: 5.0.4 :released: 24th of April 2024 .. change:: :tags: Bug Fixes - :pullreq: + :pullreq: 14108 `Security advisory 2024-02 `__: CVE-2024-25583 diff --git a/pdns/recursordist/docs/upgrade.rst b/pdns/recursordist/docs/upgrade.rst index dcf7d09755..8e6484b0d0 100644 --- a/pdns/recursordist/docs/upgrade.rst +++ b/pdns/recursordist/docs/upgrade.rst @@ -4,20 +4,26 @@ Upgrade Guide Before upgrading, it is advised to read the :doc:`changelog/index`. When upgrading several versions, please read **all** notes applying to the upgrade. -5.0.3 to master +5.0.5 to master --------------- +New Settings +^^^^^^^^^^^^ + +- The :ref:`setting-proxy-protocol-exceptions` has been added. It allows to exclude specific listen addresses from requiring the Proxy Protocol. + Changed settings ---------------- -- For YAML settings only: the type of the :ref:`setting-yaml-incoming.edns_padding_from` and :ref:`setting-yaml-incoming.proxy_protocol_from` has been changed from ``String`` to ``Sequence of Subnet``. - - Disabling :ref:`setting-structured-logging` is no longer supported. -New Settings -^^^^^^^^^^^^ +5.0.4 to 5.0.5 +-------------- -- The :ref:`setting-proxy-protocol-exceptions` has been added. It allows to exclude specific listen addresses from requiring the Proxy Protocol. +Changed settings +---------------- + +- For YAML settings only: the type of the :ref:`setting-yaml-incoming.edns_padding_from` and :ref:`setting-yaml-incoming.proxy_protocol_from` has been changed from ``String`` to ``Sequence of Subnet``. 5.0.2 to 5.0.3, 4.9.3 to 4.9.4 and 4.8.6 to 4.8.7 -------------------------------------------------