From: Michał Kępień Date: Fri, 9 Sep 2022 17:58:46 +0000 (+0200) Subject: Set up release notes for BIND 9.18.8 X-Git-Tag: v9.18.8~39^2 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=6081ba7604c75046322a3c45b18436038f0f9054;p=thirdparty%2Fbind9.git Set up release notes for BIND 9.18.8 --- diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 306a87ccbb1..1c26f5934fe 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -9,7 +9,7 @@ .. See the COPYRIGHT file distributed with this work for additional .. information regarding copyright ownership. -Notes for BIND 9.18.7 +Notes for BIND 9.18.8 --------------------- Security Fixes @@ -35,27 +35,9 @@ Removed Features Feature Changes ~~~~~~~~~~~~~~~ -- Response Rate Limiting (RRL) code now treats all QNAMEs that are - subject to wildcard processing within a given zone as the same name, - to prevent circumventing the limits enforced by RRL. :gl:`#3459` - -- Zones using ``dnssec-policy`` now require dynamic DNS or - ``inline-signing`` to be configured explicitly :gl:`#3381`. - -- When reconfiguring ``dnssec-policy`` from using NSEC with an NSEC-only DNSKEY - algorithm (e.g. RSASHA1) to a policy that uses NSEC3, BIND will no longer fail - to sign the zone, but keep using NSEC for a little longer until the offending - DNSKEY records have been removed from the zone, then switch to using NSEC3. - :gl:`#3486` - -- Implement a backwards compatible approach for encoding the internationalized - domain names (IDN) in dig, and convert the domain to IDNA2008 form, and if - that fails try the IDNA2003 conversion. :gl:`#3485` +- None. Bug Fixes ~~~~~~~~~ -- Fix a serve-stale bug, where BIND would try to return stale data from cache - for lookups that received duplicate queries or queries that would be dropped. - This bug resulted in premature SERVFAIL responses, and has now been resolved. - :gl:`#2982` +- None.