<itemizedlist>
<listitem>
<para>
- BIND crashes on startup when linked against libuv 1.36. This issue is
+ BIND crashes on startup when linked against libuv 1.36. This issue is
related to recvmmsg() support in libuv which was first included in
- libuv 1.35. The problem was addressed in libuv 1.37, but the relevant
+ libuv 1.35. The problem was addressed in libuv 1.37, but the relevant
libuv code change requires a special flag to be set during library
- initialization in order for recvmmsg() support to be enabled. This
+ initialization in order for recvmmsg() support to be enabled. This
BIND release sets that special flag when required, so recvmmsg()
support is now enabled when BIND is compiled against either libuv 1.35
- or libuv 1.37+; libuv 1.36 is still not usable with BIND. [GL #1761]
+ or libuv >= 1.37; libuv 1.36 is still not usable with BIND. [GL #1761]
[GL #1797]
</para>
</listitem>
<itemizedlist>
<listitem>
<para>
- BIND 9 no longer sets the recv and send buffer sizes for sockets, relying
- on system defaults instead. [GL #1713]
+ BIND 9 no longer sets receive/send buffer sizes for UDP sockets,
+ relying on system defaults instead. [GL #1713]
</para>
+ </listitem>
+ <listitem>
<para>
The default rwlock implementation has been changed back to the native
BIND 9 rwlock implementation. [GL #1753]
</para>
+ </listitem>
+ <listitem>
<para>
The native PKCS#11 EdDSA implementation has been updated to PKCS#11
- v3.0 and thus made operational again. Contributed by Aaron Thompson.
- [GL !3326]
+ v3.0 and thus made operational again. Contributed by Aaron Thompson.
+ [GL !3326]
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The OpenSSL ECDSA implementation has been updated to support PKCS#11
+ via OpenSSL engine (see engine_pkcs11 from libp11 project). [GL #1534]
</para>
</listitem>
<listitem>
- <para>
- The OpenSSL ECDSA implementation has been updated to support PKCS#11
- via OpenSSL engine (see engine_pkcs11 from libp11 project). [GL #1534]
- </para>
+ <para>
+ The OpenSSL EdDSA implementation has been updated to support PKCS#11
+ via OpenSSL engine. Please note that an EdDSA-capable OpenSSL engine
+ is required and thus this code is only a proof-of-concept for the time
+ being. Contributed by Aaron Thompson. [GL #1763]
+ </para>
</listitem>
<listitem>
- <para>
- The OpenSSL EdDSA implementation has been updated to support PKCS#11
- via OpenSSL engine. Please note that you need EdDSA capable OpenSSL
- engine and there's only proof-of-concept as of this moment.
- Contributed by Aaron Thompson. [GL #1763]
- </para>
<para>
Message IDs in inbound AXFR transfers are now checked for consistency.
Log messages are emitted for streams with inconsistent message IDs.
</listitem>
<listitem>
<para>
- When running on a system with Linux capabilities support,
+ When running on a system with support for Linux capabilities,
<command>named</command> drops root privileges very soon after system
- startup. This was causing a spurious log message, <quote>unable to set
- effective uid to 0: Operation not permitted</quote>, which has now been
+ startup. This was causing a spurious log message, "unable to set
+ effective uid to 0: Operation not permitted", which has now been
silenced. [GL #1042] [GL #1090]
</para>
</listitem>
projects / thirdparty / bind9.git / commitdiff
