Add CHANGES and release notes for [GL #2895]

author Aram Sargsyan <aram@isc.org>

Mon, 31 Oct 2022 13:03:47 +0000 (13:03 +0000)

committer Aram Sargsyan <aram@isc.org>

Tue, 1 Nov 2022 11:20:25 +0000 (11:20 +0000)
author Aram Sargsyan <aram@isc.org>
Mon, 31 Oct 2022 13:03:47 +0000 (13:03 +0000)
committer Aram Sargsyan <aram@isc.org>
Tue, 1 Nov 2022 11:20:25 +0000 (11:20 +0000)
diff --git a/CHANGES b/CHANGES

index cdb6aba48a0debd756c64318efe1658c9c0896bf..693ee3eb7fe5eb00897361290b1949a1dd0ede68 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+6009.  [bug]           Don't trust a placeholder KEYDATA from the managed-keys
+                       zone by adding it into secroots. [GL #2895]
+
  6008.  [bug]           Fixed a race condition that could cause a crash
                         in dns_zone_synckeyzone(). [GL #3617]
  
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst

index 4dd3264d97615686c0084fe7c0c743b3f54441d8..e3d90cc22a4c705129d5ed5c2de683d17cd9337d 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -50,3 +50,9 @@ Bug Fixes
  - In certain resolution scenarios quotas could be erroneously reached for
    servers, including the configured forwarders, resulting in SERVFAIL answers
    sent to the clients. This has been fixed. :gl:`#3598`
+
+- When having Internet connectivity issues during the initial startup of
+  ``named``, BIND resolver with ``dnssec-validation`` set to ``auto`` could
+  enter into a state where it would not recover without stopping ``named``,
+  manually deleting ``managed-keys.bind`` and ``managed-keys.bind.jnl`` files,
+  and starting ``named`` again. :gl:`#2895`
author	Aram Sargsyan <aram@isc.org>
	Mon, 31 Oct 2022 13:03:47 +0000 (13:03 +0000)
committer	Aram Sargsyan <aram@isc.org>
	Tue, 1 Nov 2022 11:20:25 +0000 (11:20 +0000)
CHANGES		patch \| blob \| blame \| history
doc/notes/notes-current.rst		patch \| blob \| blame \| history