diff options
Diffstat (limited to 'debian/bind9.NEWS')
| -rw-r--r-- | debian/bind9.NEWS | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/debian/bind9.NEWS b/debian/bind9.NEWS new file mode 100644 index 0000000..d235da6 --- /dev/null +++ b/debian/bind9.NEWS @@ -0,0 +1,14 @@ +bind9 (1:9.4.0-1) experimental; urgency=low + + As of bind 9.4, allow-query-cache and allow-recursion default to the + builtin acls 'localnets' and 'localhost'. If you are setting up a + name server for a network, you will almost certainly need to change + this. + + The change in default has been done to make caching servers less + attractive as reflective amplifying targets for spoofed traffic. + This still leaves authoritative servers exposed. + + The best fix is for full BCP 38 deployment to remove spoofed traffic. + + -- LaMont Jones <lamont@debian.org> Wed, 03 Oct 2007 00:52:44 -0600 |