From 45d6379135504814ab723b57f0eb8be23393a51d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 09:24:22 +0200 Subject: Adding upstream version 1:9.16.44. Signed-off-by: Daniel Baumann --- doc/notes/notes-9.16.5.rst | 72 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 doc/notes/notes-9.16.5.rst (limited to 'doc/notes/notes-9.16.5.rst') diff --git a/doc/notes/notes-9.16.5.rst b/doc/notes/notes-9.16.5.rst new file mode 100644 index 0000000..613dcf7 --- /dev/null +++ b/doc/notes/notes-9.16.5.rst @@ -0,0 +1,72 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +Notes for BIND 9.16.5 +--------------------- + +New Features +~~~~~~~~~~~~ + +- New ``rndc`` command ``rndc dnssec -status`` shows the current DNSSEC + policy and keys in use, the key states, and rollover status. + :gl:`#1612` + +Bug Fixes +~~~~~~~~~ + +- A race condition could occur if a TCP socket connection was closed + while ``named`` was waiting for a recursive response. The attempt to + send a response over the closing connection triggered an assertion + failure in the function ``isc__nm_tcpdns_send()``. :gl:`#1937` + +- A race condition could occur when ``named`` attempted to use a UDP + interface that was shutting down. This triggered an assertion failure + in ``uv__udp_finish_close()``. :gl:`#1938` + +- Fix assertion failure when server was under load and root zone had not + yet been loaded. :gl:`#1862` + +- ``named`` could crash when cleaning dead nodes in ``lib/dns/rbtdb.c`` + that were being reused. :gl:`#1968` + +- ``named`` crashed on shutdown when a new ``rndc`` connection was + received during shutdown. This has been fixed. :gl:`#1747` + +- The DS RRset returned by ``dns_keynode_dsset()`` was used in a + non-thread-safe manner. This could result in an INSIST being + triggered. :gl:`#1926` + +- Properly handle missing ``kyua`` command so that ``make check`` does + not fail unexpectedly when CMocka is installed, but Kyua is not. + :gl:`#1950` + +- The ``primary`` and ``secondary`` keywords, when used as parameters + for ``check-names``, were not processed correctly and were being + ignored. :gl:`#1949` + +- ``rndc dnstap -roll `` did not limit the number of saved files + to ````. :gl:`!3728` + +- The validator could fail to accept a properly signed RRset if an + unsupported algorithm appeared earlier in the DNSKEY RRset than a + supported algorithm. It could also stop if it detected a malformed + public key. :gl:`#1689` + +- The ``blackhole`` ACL was inadvertently disabled for client queries. + Blocked IP addresses were not used for upstream queries but queries + from those addresses could still be answered. :gl:`#1936` + +Known Issues +~~~~~~~~~~~~ + +- There are no new known issues with this release. See :ref:`above + ` for a list of all known issues affecting this + BIND 9 branch. -- cgit v1.2.3