From: Peter van Dijk Date: Thu, 20 Oct 2022 07:45:40 +0000 (+0200) Subject: auth-4.7.0: secpoll and docs X-Git-Tag: dnsdist-1.8.0-rc1~273^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b7294185848576b6d684dfca8150925c1bd3a189;p=thirdparty%2Fpdns.git auth-4.7.0: secpoll and docs --- diff --git a/docs/changelog/4.7.rst b/docs/changelog/4.7.rst index 117aeb54b3..1a7639aca7 100644 --- a/docs/changelog/4.7.rst +++ b/docs/changelog/4.7.rst @@ -1,6 +1,49 @@ Changelogs for 4.7.x ==================== +.. changelog:: + :version: 4.7.0 + :released: 20th of October 2022 + + This is version 4.7.0 of the Authoritative Server. + + 4.7.0 brings support for :doc:`Catalog Zones <../catalog>`, developed by Kees Monshouwer. + As part of that development, the freshness checks in the Primary code were reworked, reducing them from doing potentially thousands of SQL queries (if you have thousands of domains) to only a few. + Installations with lots of domains will benefit greatly from this, even without using catalog zones. + + 4.7.0 also brings back GSS-TSIG support, previously removed for quality reasons, now reworked with many stability improvements. + + Other things of note: + + * LUA records, when queried over TCP, can now re-use a Lua state, giving a serious performance boost. + * lmdbbackend databases now get a UUID assigned, making it easy for external software to spot if a database was completely replaced + * lmdbbackend databases now optionally use random IDs for objects + * a new LUA function called ``ifurlextup``, and improvements in other LUA record functions + * autoprimary management in ``pdnsutil`` and the HTTP API + * in beta, a key roller daemon, currently not packaged + + Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. + + Besides that, various other smaller features and improvements have landed - please browse the list below. + + .. change:: + :tags: Bug Fixes + :pullreq: 12069 + + Fix compilation of the event ports multiplexer (Jonathan Perkin) + + .. change:: + :tags: Improvements + :pullreq: 12085 + + pdnsutil check-zone, skip metadata check for backends without getAllDomainMetadata() (Kees Monshouwer) + + .. change:: + :tags: Bug Fixes + :pullreq: 12098 + + fix axfr for tinydns and pipe backend (Kees Monshouwer). Note that this was only broken since 4.7.0-beta2. + .. changelog:: :version: 4.7.0-rc1 :released: 3rd of October 2022 diff --git a/docs/secpoll.zone b/docs/secpoll.zone index 082a52bbce..527f454d18 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2022100501 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2022102001 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -110,7 +110,8 @@ auth-4.6.2.security-status 60 IN TXT "1 OK" auth-4.6.3.security-status 60 IN TXT "1 OK" auth-4.7.0-alpha1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" auth-4.7.0-beta2.security-status 60 IN TXT "3 Unsupported pre-release" -auth-4.7.0-rc1.security-status 60 IN TXT "1 Unsupported pre-release" +auth-4.7.0-rc1.security-status 60 IN TXT "3 Unsupported pre-release" +auth-4.7.0.security-status 60 IN TXT "1 OK" ; Auth Debian auth-3.4.1-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"