From: Ondřej Surý Date: Wed, 17 Jun 2020 10:44:01 +0000 (+0200) Subject: Add CHANGES and release note for #1950 X-Git-Tag: v9.16.5~32^2 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=4ab9e79e6fd79dff5e6a6bb87787d7dcbb55a5e5;p=thirdparty%2Fbind9.git Add CHANGES and release note for #1950 --- diff --git a/CHANGES b/CHANGES index 2a12db2b3d0..828178c51e7 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +5440. [test] Properly handle missing kyua. [GL #1950] + 5439. [bug] The dsset returned by dns_keynode_dsset() was not thread safe. [GL #1926] diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index b59e0d4e6a5..cbfe0e2f1f8 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -8,80 +8,37 @@ See the COPYRIGHT file distributed with this work for additional information regarding copyright ownership. -.. _relnotes-9.16.4: +.. _relnotes-9.16.5: -Notes for BIND 9.16.4 +Notes for BIND 9.16.5 ===================== -.. _relnotes-9.16.4-security: +.. _relnotes-9.16.5-security: Security Fixes -------------- -- None. +- None. -.. _relnotes-9.16.4-known: +.. _relnotes-9.16.5-known: Known Issues ------------ -- None +- None -.. _relnotes-9.16.4-changes: - -- ``named`` and ``named-checkzone`` now reject master zones that - have a DS RRset at the zone apex. Attempts to add DS records - at the zone apex via UPDATE will be logged but otherwise ignored. - DS records belong in the parent zone, not at the zone apex. [GL #1798] +.. _relnotes-9.16.5-changes: Feature Changes --------------- -- ``dig`` and other tools can now print the Extended DNS Error (EDE) - option when it appears in a request or response. [GL #1834] - -.. _relnotes-9.16.4-bugs: - -- The default value of ``max-stale-ttl`` has changed from 1 week to 12 hours. - This option controls how long named retains expired RRsets in cache as a - potential mitigation mechanism, should there be a problem with one or more - domains. Note that cache content retention is independent of whether or not - stale answers will be used in response to client queries - (``stale-answer-enable yes|no`` and ``rndc serve-stale on|off``). Serving of - stale answers when the authoritative servers are not responding must be - explicitly enabled, whereas the retention of expired cache content takes - place automatically on all versions of BIND that have this feature available. - [GL #1877] - - .. warning: - This change may be significant for administrators who expect that stale - cache content will be automatically retained for up to 1 week. Add - option ``max-stale-ttl 1w;`` to named.conf to keep the previous behavior - of named. +- None. -- listen-on-v6 { any; } creates separate sockets for all interfaces, - while previously it created one socket on systems conforming to - :rfc:`3493` and :rfc:`3542`, this change was introduced in 9.16.0 - but accudently ommited from documentation. +.. _relnotes-9.16.5-bugs: Bug Fixes --------- -- ``named`` could crash with an assertion failure if the name of a - database node was looked up while the database was being modified. - [GL #1857] -- Missing mutex and conditional destruction in netmgr code leads to a memory - leak on BSD systems. [GL #1893]. -- Fix a bug in dnssec-policy keymgr where the check if a key has a - successor would return a false positive if any other key in the - keyring has a successor. [GL #1845] - -- With dnssec-policy, when creating a successor key, the goal state of - the current active key (the predecessor) was not changed and thus was - never is removed from the zone. [GL #1846] - -- Fix a data race in resolver.c:formerr() that could lead to assertion - failure. [GL #1808] - -- The dsset returned by dns_keynode_dsset() was not thread safe. This - could result in a INSIST being triggered. [GL #1926] +- Properly handle missing ``kyua`` command so that ``make check`` does + not fail unexpectedly when CMocka is installed, but Kyua is not. + [GL #1950]