Removed Features
~~~~~~~~~~~~~~~~
+- The ``coresize``, ``datasize``, ``files``, and ``stacksize`` options
+ have been removed. The limits these options set should be enforced
+ externally, either by manual configuration (e.g. using ``ulimit``) or
+ via the process supervisor (e.g. ``systemd``). :gl:`#3676`
+
- Dynamic updates that add and remove DNSKEY and NSEC3PARAM records no
longer trigger key rollovers and denial-of-existence operations. This
also means that the :any:`dnssec-secure-to-insecure` option has been
in a future BIND 9.19.x release. Please migrate to
:any:`dnssec-policy`. :gl:`#3667`
-- The ``coresize``, ``datasize``, ``files``, and ``stacksize`` options
- have been removed. The limits these options set should be enforced
- externally, either by manual configuration (e.g. using ``ulimit``) or
- via the process supervisor (e.g. ``systemd``). :gl:`#3676`
-
- Setting alternate local addresses for inbound zone transfers has been
deprecated. The relevant options (:any:`alt-transfer-source`,
:any:`alt-transfer-source-v6`, and :any:`use-alt-transfer-source`)
files to the maximum allowed by the operating system, instead of
trying to set it to "unlimited". :gl:`#3676`
-Bug Fixes
-~~~~~~~~~
-
- The number of HTTP headers allowed in requests sent to
:iscman:`named`'s statistics channel has been increased from 10 to
100, to accommodate some browsers that send more than 10 headers
by default. :gl:`#3670`
-- TLS configuration for primary servers was not applied for zones that
- were members of a catalog zone. This has been fixed. :gl:`#3638`
+Bug Fixes
+~~~~~~~~~
- :iscman:`named` could crash due to an assertion failure when an HTTP
connection to the statistics channel was closed prematurely (due to a
connection error, shutdown, etc.). This has been fixed. :gl:`#3693`
-- The ``zone <name>/<class>: final reference detached`` log message was
- moved from the INFO log level to the DEBUG(1) log level to prevent the
- :iscman:`named-checkzone` tool from superfluously logging this message
- in non-debug mode. :gl:`#3707`
-
-- The new name compression code in BIND 9.19.7 was not compressing
- names in zone transfers that should have been compressed, so zone
- transfers were larger than before. This has been fixed. :gl:`#3706`
-
- When a catalog zone was removed from the configuration, in some cases
a dangling pointer could cause the :iscman:`named` process to crash.
This has been fixed. :gl:`#3683`
-- In certain cases, :iscman:`named` waited for the resolution of
- outstanding recursive queries to finish before shutting down. This was
- unintended and has been fixed. :gl:`#3183`
-
- When a zone was deleted from a server, a key management object related
to that zone was inadvertently kept in memory and only released upon
shutdown. This could lead to constantly increasing memory use on
servers with a high rate of changes affecting the set of zones being
served. This has been fixed. :gl:`#3727`
+- TLS configuration for primary servers was not applied for zones that
+ were members of a catalog zone. This has been fixed. :gl:`#3638`
+
+- In certain cases, :iscman:`named` waited for the resolution of
+ outstanding recursive queries to finish before shutting down. This was
+ unintended and has been fixed. :gl:`#3183`
+
+- The new name compression code in BIND 9.19.7 was not compressing
+ names in zone transfers that should have been compressed, so zone
+ transfers were larger than before. This has been fixed. :gl:`#3706`
+
+- The ``zone <name>/<class>: final reference detached`` log message was
+ moved from the INFO log level to the DEBUG(1) log level to prevent the
+ :iscman:`named-checkzone` tool from superfluously logging this message
+ in non-debug mode. :gl:`#3707`
+
Known Issues
~~~~~~~~~~~~
projects / thirdparty / bind9.git / commitdiff
