Adding debian version 1:9.11.5.P4+dfsg-5.1+deb10u7.debian/1%9.11.5.P4+dfsg-5.1+deb10u7

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-05 18:37:15 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-05 18:37:15 +0000
commit: 55ad72d44a94298a96b8f05488ca5ed97ef04736 (patch)
tree: 8aaa712c1d8b8d191b77a7eef4dc42c770e3b3d0 /debian/bind9.NEWS
parent: Adding upstream version 1:9.11.5.P4+dfsg. (diff)
download: bind9-55ad72d44a94298a96b8f05488ca5ed97ef04736.tar.xz
bind9-55ad72d44a94298a96b8f05488ca5ed97ef04736.zip
1 files changed, 14 insertions, 0 deletions
diff --git a/debian/bind9.NEWS b/debian/bind9.NEWS
new file mode 100644
index 0000000..d235da6
--- /dev/null
+++ b/debian/bind9.NEWS
@@ -0,0 +1,14 @@
+bind9 (1:9.4.0-1) experimental; urgency=low
+
+  As of bind 9.4, allow-query-cache and allow-recursion default to the
+  builtin acls 'localnets' and 'localhost'.  If you are setting up a
+  name server for a network, you will almost certainly need to change
+  this.
+
+  The change in default has been done to make caching servers less
+  attractive as reflective amplifying targets for spoofed traffic.
+  This still leaves authoritative servers exposed.
+
+  The best fix is for full BCP 38 deployment to remove spoofed traffic.
+
+ -- LaMont Jones <lamont@debian.org>  Wed, 03 Oct 2007 00:52:44 -0600
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-05 18:37:15 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-05 18:37:15 +0000
commit	55ad72d44a94298a96b8f05488ca5ed97ef04736 (patch)
tree	8aaa712c1d8b8d191b77a7eef4dc42c770e3b3d0 /debian/bind9.NEWS
parent	Adding upstream version 1:9.11.5.P4+dfsg. (diff)
download	bind9-55ad72d44a94298a96b8f05488ca5ed97ef04736.tar.xz bind9-55ad72d44a94298a96b8f05488ca5ed97ef04736.zip