bind9

mirror of https://github.com/isc-projects/bind9.git synced 2026-04-28 01:28:05 -04:00

Author	SHA1	Message	Date
Evan Hunt	ebee5bdfe5	CHANGES, release note (cherry picked from commit 9c492aba65c178f30baafeb5502013f95a9d5b9a) (cherry picked from commit `ecb90158b6`)	2018-08-08 14:27:32 -07:00
Tinderbox User	3bbd725a2c	prep 9.11.4rc2	2018-06-28 05:07:42 +00:00
Evan Hunt	470b8612b2	CHANGES, release note (cherry picked from commit `2aee33f412`)	2018-06-27 18:40:24 -07:00
Ondřej Surý	a6887424ca	Un-deprecate the answer-cookie option	2018-06-26 15:18:36 -07:00
Evan Hunt	a1690b24bc	prepare 9.11.4rc1	2018-06-21 18:54:43 +02:00
Evan Hunt	3d71785ef1	allow-recursion could incorrectly inherit from the default allow-query	2018-06-14 14:47:11 +02:00
Mark Andrews	ae0f6f2073	add CHANGES and release notes (cherry picked from commit `5f7a6232d6`)	2018-06-08 17:29:45 +10:00
Mark Andrews	b3e93d1b0f	add release note for root-key-sentinel (cherry picked from commit `e20790c956`) (cherry picked from commit `edb761b08c`)	2018-06-04 17:41:22 -04:00
Mark Andrews	f9d19cab7f	4699. [func] Multiple cookie-secret clauses can now be specified. The first one specified is used to generate new server cookies. [RT #45672]	2018-06-04 13:16:28 -07:00
Ondřej Surý	2ff3b664bc	Add release notes for IDNA2008 (cherry picked from commit `e7590c7528`)	2018-03-17 13:37:48 +00:00
Evan Hunt	8b205089b7	update file headers to remove copyright years	2018-03-14 16:40:20 -07:00
Evan Hunt	7938956183	update EoL information	2018-03-14 14:47:51 -07:00
Evan Hunt	06908ef2df	[v9_11] add missing release note, update README	2018-02-17 20:01:17 -08:00
Evan Hunt	d77cb075aa	[v9_11] prep 9.11.3rc1	2018-02-15 11:16:15 -08:00
Mark Andrews	2767fc751b	add note for update-policy rules changes (cherry picked from commit `ff8f2a584d`)	2018-02-07 14:03:56 +11:00
Tinderbox User	dc2a85bed7	update copyright notice / whitespace	2018-01-04 23:46:19 +00:00
Evan Hunt	5599d587e6	[v9_11] typo	2018-01-03 19:30:26 -08:00
Evan Hunt	7ff28f5bef	[v9_11] block validator deadlock and prevent use-after-free 4859. [bug] A loop was possible when attempting to validate unsigned CNAME responses from secure zones; this caused a delay in returning SERVFAIL and also increased the chances of encountering CVE-2017-3145. [RT #46839] 4858. [security] Addresses could be referenced after being freed in resolver.c, causing an assertion failure. (CVE-2017-3145) [RT #46839]	2018-01-03 19:19:46 -08:00
Mark Andrews	6155978af5	add [RT #46774 ] (cherry picked from commit `77f9623439`)	2017-12-05 16:14:39 +11:00
Evan Hunt	b722ecd2f8	[v9_11] revised release note	2017-12-04 15:37:36 -08:00
Mark Andrews	15bc7f54ff	add note for [RT #46743 ] and [RT #46754 ] (cherry picked from commit `9ff34db455`)	2017-12-05 09:53:37 +11:00
Evan Hunt	f53e0bda46	[v9_11] fix "allow-transfer" inheritance and clean up ACL configuration 4836. [bug] Zones created using "rndc addzone" could temporarily fail to inherit an "allow-transfer" ACL that had been configured in the options statement. [RT #46603] (cherry picked from commit `e197a2bd15`)	2017-11-30 12:56:39 -08:00
Mark Andrews	7382f51602	Add system tests and remove redundent logging from: 4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside . trust-anchor dlv.isc.org;' now elicit warnings rather than being fatal configuration errors. [RT #46410] (cherry picked from commit `f5e1b555c5`)	2017-10-30 08:12:59 +11:00
Mark Andrews	317330c25a	use correct tag	2017-10-20 19:05:52 +11:00
Mark Andrews	a4ea78aa55	s/made/may/	2017-10-20 10:29:15 +11:00
Mark Andrews	ff08ac42f7	note removal of <isc/util.h> from other header files (cherry picked from commit `9e5439a6d8`)	2017-10-20 10:27:08 +11:00
Evan Hunt	56e30ebae6	[v9_11] require writable managed keys directory 4769. [bug] Enforce the requirement that the managed keys directory (specified by "managed-keys-directory", and defaulting to the working directory if not specified) must be writable. [RT #46077]	2017-10-17 21:26:41 -07:00
Evan Hunt	e609b6b32b	[v9_11] README and relnote fixes (cherry picked from commit `30419509dd`)	2017-10-17 13:50:49 -07:00
Evan Hunt	f592d2f76c	[v9_11] further restrict update-policy local 4762. [func] "update-policy local" is now restricted to updates from local addresses. (Previously, other addresses were allowed so long as updates were signed by the local session key.) [RT #45492]	2017-10-06 15:43:18 -07:00
Mark Andrews	2732d4922c	4754. [bug] dns_zone_setview needs a two stage commit to properly handle errors. [RT #45841]	2017-10-05 13:41:49 +11:00
Evan Hunt	73b52dd1f0	[v9_11] fix tag	2017-10-04 18:44:26 -07:00
Evan Hunt	d5bd8bb71a	[v9_11] de-DLV 4749. [func] The ISC DLV service has been shut down, and all DLV records have been removed from dlv.isc.org. - Removed references to ISC DLV in documentation - Removed DLV key from bind.keys - No longer use ISC DLV by default in delv [RT #46155]	2017-10-03 00:43:19 -07:00
Mark Andrews	a64daf673d	4688. [protocol] Check and display EDNS KEY TAG options (RFC 8145) in messages. [RT #44804] (cherry picked from commit `07741d43c8`)	2017-08-25 08:47:19 +10:00
Evan Hunt	1073e2001c	[v9_11] revise CHANGES note and add release note	2017-07-31 10:36:00 -07:00
Evan Hunt	d4098be27b	[v9_11] update relnotes to mention termination of windows XP support	2017-07-15 13:56:54 -07:00
Evan Hunt	3ba9f5804c	[v9_11] add a release note for TSIG regression	2017-07-14 14:52:29 -07:00
Mark Andrews	e55c767c89	note change in AD setting on some truncated answers (cherry picked from commit `56d8312a48`)	2017-07-11 13:29:33 +10:00
Mark Andrews	66afb7c86a	add note about .local (cherry picked from commit `9987992232`)	2017-07-11 12:45:02 +10:00
Evan Hunt	a03f4b1ea4	[v9_11] address TSIG bypass/forgery vulnerabilities 4643. [security] An error in TSIG handling could permit unauthorized zone transfers or zone updates. (CVE-2017-3142) (CVE-2017-3143) [RT #45383] (cherry picked from commit `581c1526ab`)	2017-06-27 11:39:33 -07:00
Evan Hunt	214b53880b	[v9_11] prevent reload failure due to LMDB database perms 4638. [bug] Reloading or reconfiguring named could fail on some platforms when LMDB was in use. [RT #45203] (cherry picked from commit `bf05e66bb3`)	2017-06-13 12:01:29 -07:00
Evan Hunt	c28e44f3f8	[v9_11] quote service registry paths 4532. [security] The BIND installer on Windows used an unquoted service path, which can enable privilege escalation. (CVE-2017-3141) [RT #45229] (cherry picked from commit `967a3b9419`)	2017-05-30 13:38:22 -07:00
Evan Hunt	3440cf9c60	[v9_11] fix rpz formerr loop 4531. [security] Some RPZ configurations could go into an infinite query loop when encountering responses with TTL=0. (CVE-2017-3140) [RT #45181]	2017-05-30 12:35:06 -07:00
Tinderbox User	4745777284	update copyright notice / whitespace	2017-05-16 23:45:57 +00:00
Evan Hunt	403e7b4512	[v9_11] symbolic option names for dig +ednsopt 4555. [func] dig +ednsopt: EDNS options can now be specified by name in addition to numeric value. [RT #44461] (cherry picked from commit `25a9b90369`)	2017-05-16 10:08:17 -07:00
Mark Andrews	613cdc91fe	add warning about semicolon no longer being escaped (cherry picked from commit `d4d73bca79`)	2017-05-11 11:03:06 +10:00
Evan Hunt	c83a306155	[v9_11] fix lmdb delzone 4616. [bug] When using LMDB, zones deleted using "rndc delzone" were not correctly removed from the new-zone database. [RT #45185] (cherry picked from commit `3a554a444c`)	2017-05-04 12:32:47 -07:00
Evan Hunt	8b9c4592ed	[v9_11] give threads unique names to assist debugging 4602. [func] Threads are now set to human-readable names to assist debugging, when supported by the OS. [RT #43234] (cherry picked from commit `d26ae7fc08`)	2017-04-21 14:00:15 -07:00
Evan Hunt	c03cca4629	[v9_11] clear out relnotes	2017-04-21 13:37:32 -07:00
Evan Hunt	869cb92bab	[v9_11] formatting (cherry picked from commit `52e398c0af`)	2017-04-12 14:06:04 -07:00
Mark Andrews	33cc2edb8e	add CVE-2017-3138 (cherry picked from commit `fe1ad70e51`)	2017-03-30 02:57:02 +11:00

1 2 3 4 5

240 commits