diff --git a/CHANGES b/CHANGES index 76d90e7aa9..6d31e82b2f 100644 --- a/CHANGES +++ b/CHANGES @@ -14,54 +14,62 @@ for KASP zones on restart. [GL #2725] -5652. [bug] Copy and paste error caused the socket option to - be enabled instead of disabled. [GL #2746] + --- 9.17.14 released --- -5651. [func] Refactor zone dumping to be processed asynchronously - via the uv_work_t thread pool API. [GL #2732] +5652. [bug] A copy-and-paste error in change 5584 caused the + IP_DONTFRAG socket option to be enabled instead of + disabled. This has been fixed. [GL #2746] -5650. [bug] Prevent a crash that could occur if serve-stale - was enabled and a prefetch was triggered during a - query restart. [GL #2733] +5651. [func] Refactor zone dumping to be processed asynchronously via + the uv_work_t thread pool API. [GL #2732] -5649. [bug] If a query was answered with stale data on a server - with DNS64 enabled, an assertion could occur if a - non-stale answer arrived afterward. [GL #2731] +5650. [bug] Prevent a crash that could occur if serve-stale was + enabled and a prefetch was triggered during a query + restart. [GL #2733] -5648. [bug] The calculation of the estimated IXFR transaction - size by dns_journal_iter_init() was invalid. [GL #2685] +5649. [bug] If a query was answered with stale data on a server with + DNS64 enabled, an assertion could occur if a non-stale + answer arrived afterward. [GL #2731] -5647. [func] The interfacemgr has been refactored to use fewer - clientmgr objects, which in turn use fewer memory - contexts and tasks. This should result in less +5648. [bug] The calculation of the estimated IXFR transaction size + in dns_journal_iter_init() was invalid. [GL #2685] + +5647. [func] The interface manager has been refactored to use fewer + client manager objects, which in turn use fewer memory + contexts and tasks. This should result in less fragmented memory and better startup performance. [GL #2433] -5646. [bug] The default TCP timeout for rndc has been increased - to 60 seconds. This was its original value, but it - had been inadvertently lowered to 10. [GL #2643] +5646. [bug] The default TCP timeout for rndc has been increased to + 60 seconds. This was its original value, but it had been + inadvertently lowered to 10 when rndc was updated to use + the network manager. [GL #2643] -5645. [cleanup] Remove the rarely-used dns_name_copy() function - and rename dns_name_copynf() to dns_name_copy(). - [GL !5081] +5645. [cleanup] Remove the rarely-used dns_name_copy() function and + rename dns_name_copynf() to dns_name_copy(). [GL !5081] 5644. [bug] Fix a race condition in reading and writing key files - for KASP zones in multiple views. [GL #1875] + for zones using KASP and configured in multiple views. + [GL #1875] 5643. [placeholder] -5642. [bug] Check "key-directory" conflicts in "named.conf" for - zones in multiple views with different "dnssec-policy". - [GL #2463]. +5642. [bug] Zones which are configured in multiple views with + different values set for "dnssec-policy" and with + identical values set for "key-directory" are now + detected and treated as a configuration error. + [GL #2463] -5641. [bug] Address potential memory leak in dst_key_fromnamedfile. - [GL #2689] +5641. [bug] Address a potential memory leak in + dst_key_fromnamedfile(). [GL #2689] -5640. [func] Add new configuration option to set the operating system - receive and send buffers. [GL #2313] +5640. [func] Add new configuration options for setting the size of + receive and send buffers in the operating system: + "tcp-receive-buffer", "tcp-send-buffer", + "udp-receive-buffer", and "udp-send-buffer". [GL #2313] -5639. [bug] Check that the first and last SOA record of an AXFR - are consistent. [GL #2528] +5639. [bug] Check that the first and last SOA record of an AXFR are + consistent. [GL #2528] --- 9.17.13 released --- diff --git a/configure.ac b/configure.ac index 36d612d4c6..44f222b8a2 100644 --- a/configure.ac +++ b/configure.ac @@ -14,7 +14,7 @@ # m4_define([bind_VERSION_MAJOR], 9)dnl m4_define([bind_VERSION_MINOR], 17)dnl -m4_define([bind_VERSION_PATCH], 13)dnl +m4_define([bind_VERSION_PATCH], 14)dnl m4_define([bind_VERSION_EXTRA], )dnl m4_define([bind_DESCRIPTION], [(Development Release)])dnl m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl diff --git a/doc/arm/notes.rst b/doc/arm/notes.rst index c83e2b1561..4cce67f9ad 100644 --- a/doc/arm/notes.rst +++ b/doc/arm/notes.rst @@ -52,6 +52,7 @@ https://www.isc.org/download/. There you will find additional information about each release, and source code. .. include:: ../notes/notes-current.rst +.. include:: ../notes/notes-9.17.14.rst .. include:: ../notes/notes-9.17.13.rst .. include:: ../notes/notes-9.17.12.rst .. include:: ../notes/notes-9.17.11.rst diff --git a/doc/notes/notes-9.17.14.rst b/doc/notes/notes-9.17.14.rst new file mode 100644 index 0000000000..4ece21dd95 --- /dev/null +++ b/doc/notes/notes-9.17.14.rst @@ -0,0 +1,63 @@ +.. + Copyright (C) Internet Systems Consortium, Inc. ("ISC") + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, you can obtain one at https://mozilla.org/MPL/2.0/. + + See the COPYRIGHT file distributed with this work for additional + information regarding copyright ownership. + +Notes for BIND 9.17.14 +---------------------- + +New Features +~~~~~~~~~~~~ + +- New configuration options, ``tcp-receive-buffer``, + ``tcp-send-buffer``, ``udp-receive-buffer``, and ``udp-send-buffer``, + have been added. These options allow the operator to fine-tune the + receiving and sending buffers in the operating system. On busy + servers, increasing the size of the receive buffers can prevent the + server from dropping packets during short traffic spikes, and + decreasing it can prevent the server from becoming clogged with + queries that are too old and have already timed out. :gl:`#2313` + +Feature Changes +~~~~~~~~~~~~~~~ + +- Zone dumping tasks are now run on separate asynchronous thread pools. + This change prevents zone dumping from blocking network I/O. + :gl:`#2732` + +- The interface handling code has been refactored to use fewer + resources, which should lead to less memory fragmentation and better + startup performance. :gl:`#2433` + +Bug Fixes +~~~~~~~~~ + +- The calculation of the estimated IXFR transaction size in + ``dns_journal_iter_init()`` was invalid. This resulted in excessive + AXFR-style IXFR responses. :gl:`#2685` + +- Fixed an assertion failure that could occur if stale data was used to + answer a query, and then a prefetch was triggered after the query was + restarted (for example, to follow a CNAME). :gl:`#2733` + +- If a query was answered with stale data on a server with DNS64 + enabled, an assertion could occur if a non-stale answer arrived + afterward. This has been fixed. :gl:`#2731` + +- Fixed an error which caused the ``IP_DONTFRAG`` socket option to be + enabled instead of disabled, leading to errors when sending oversized + UDP packets. :gl:`#2746` + +- Zones which are configured in multiple views, with different values + set for ``dnssec-policy`` and with identical values set for + ``key-directory``, are now detected and treated as a configuration + error. :gl:`#2463` + +- A race condition could occur when reading and writing key files for + zones using KASP and configured in multiple views. This has been + fixed. :gl:`#1875` diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index a068f1911f..f553c45c76 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -8,7 +8,7 @@ See the COPYRIGHT file distributed with this work for additional information regarding copyright ownership. -Notes for BIND 9.17.14 +Notes for BIND 9.17.15 ---------------------- Security Fixes @@ -24,17 +24,7 @@ Known Issues New Features ~~~~~~~~~~~~ -- New configuration options, ``tcp-receive-buffer``, ``tcp-send-buffer``, - ``udp-receive-buffer``, and ``udp-send-buffer``, have been added. These - options allows the operator to fine tune the receiving and sending - buffers in the operating system. On busy servers, increasing the value - of the receive buffers can prevent the server from dropping the packets - during short spikes, and decreasing the value would prevent the server to - became clogged up with queries that are too old and have already timeouted - on the receiving side. :gl:`#2313` - -- Run zone dumping tasks on separate asynchronous thread pools. This change - makes zone dumping no longer block networking I/O. :gl:`#2732` +- None. Removed Features ~~~~~~~~~~~~~~~~ @@ -46,39 +36,11 @@ Removed Features Feature Changes ~~~~~~~~~~~~~~~ -- The interface handling code has been refactored to use fewer resources, - which should lead to less memory fragmentation and better startup - performance. :gl:`#2433` +- None. Bug Fixes ~~~~~~~~~ -- Fix a race condition in reading and writing key files for KASP zones in - multiple views. :gl:`#1875` - -- Check ``key-directory`` conflicts in ``named.conf`` for zones in multiple - views with different ``dnssec-policy``. Using the same ``key-directory`` for - such zones is not allowed. :gl:`#2463` - -- ``named-checkconf`` now complains if zones with ``dnssec-policy`` reference - the same zone file more than once. :gl:`#2603` - -- The calculation of the estimated IXFR transaction size by - `dns_journal_iter_init()` was invalid. This resulted in excessive - AXFR-style-IXFR responses. :gl:`#2685` - -- If a query was answered with stale data on a server with DNS64 enabled, - an assertion could occur if a non-stale answer arrived afterward. This - has been fixed. :gl:`#2731` - -- Fixed an assertion failure that could occur if stale data was used - to answer a query, and then a prefetch was triggered after the query - was restarted (for example, to follow a CNAME). :gl:`#2733` - -- Fix an error that would enable don't fragment socket option instead - of disabling it leading to errors when sending the oversized UDP - packets. [GL #2746] - - Fixed a bug that caused the NSEC salt to be changed for KASP zones on every startup. :gl:`#2725`