upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-27 20:11:12 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/doc/notes/notes-current.rst
Matthijs Mekking bcadb31f44 Add CHANGES and release notes for GL #2503 
(cherry picked from commit a404eaaffd)
2021-02-25 12:07:43 +01:00

66 lines
2.1 KiB
ReStructuredText
Raw Blame History

..
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.
See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.
Notes for BIND 9.16.13
----------------------
Security Fixes
~~~~~~~~~~~~~~
- None.
Known Issues
~~~~~~~~~~~~
- None.
New Features
~~~~~~~~~~~~
- When serve-stale is enabled and stale data is available, ``named`` now
returns stale answers upon encountering any unexpected error in the
query resolution process. This may happen, for example, if the
``fetches-per-server`` or ``fetches-per-zone`` limits are reached. In
this case, ``named`` attempts to answer DNS requests with stale data,
but does not start the ``stale-refresh-time`` window. [GL #2434]
- A new option, ``purge-keys``, has been added to ``dnssec-policy``. It sets
the time how long key files should be retained after they have become
obsolete (due to a key rollover). Default is 90 days, and the feature can
be disabled by setting it to 0. [GL #2408]
Removed Features
~~~~~~~~~~~~~~~~
- None.
Feature Changes
~~~~~~~~~~~~~~~
- None.
Bug Fixes
~~~~~~~~~
- If an outgoing packet would exceed max-udp-size, it would be dropped instead
of sending a proper response back. Rollback setting the IP_DONTFRAG on the
UDP sockets that we enabled during the DNS Flag Day 2020 to fix this issue.
[GL #2487]
- NSEC3 records were not immediately created when signing a dynamic zone with
``dnssec-policy`` and ``nsec3param``. This has been fixed [GL #2498].
- An invalid direction field (not one of 'N'/'S' or 'E'/'W') in a LOC record
triggered an INSIST failure. [GL #2499]
- Previously, a BIND server could experience an unexpected server termination
(crash) if the return of stale cached answers was enabled and
``stale-answer-client-timeout`` was applied to a client query in process.
This has been fixed. [GL #2503]
Reference in a new issue View git blame Copy permalink