Revisions of nsd
Adam Majer (adamm)
accepted
request 561095
from
Michael Ströder (stroeder)
(revision 33)
update to 4.1.19
Adam Majer (adamm)
accepted
request 546762
from
Michael Ströder (stroeder)
(revision 32)
- update to 4.1.18
Marcus Rueckert (darix)
accepted
request 520865
from
Michael Ströder (stroeder)
(revision 31)
- update to 4.1.17
- Features
* zone parser parses type AVC (it has TXT format).
* Fix #1272: use writev to put tcp length field with data for
outgoing zone transfer requests.
- Bugfixes
* Fix potential null pointer in nsec3 adjustment tree.
* Fix text format of deletes for CDS and CDNSKEY, single 0 to
represent empty base64 or hex string.
Michael Ströder (stroeder)
accepted
request 493611
from
Michael Ströder (stroeder)
(revision 30)
update to 4.1.16
Adam Majer (adamm)
accepted
request 490699
from
Michael Ströder (stroeder)
(revision 29)
update to 4.1.15
Adam Majer (adamm)
accepted
request 450090
from
Michael Ströder (stroeder)
(revision 28)
update to 4.1.14
Marcus Rueckert (darix)
accepted
request 435127
from
Adam Majer (adamm)
(revision 27)
- fix tmpfiles-nsd.conf to point to /run instead of /var/run
- add nsd-rpmlintrc to not display some bogus errors
- put log files into /var/log/nsd/
- put sample config in documentation directory
- update to 4.1.13
- FEATURES
- multi-master-check: yes can be used to check all masters for
the last version, using the higher version from the
configured masters
- Support RR type OPENPGPKEY from RFC 7929.
- Can config key algorithms with the digest name, eg. 'sha256'.
- configure --disable-radix-tree for about 15% lower memory
usage.
- for type SRV add A/AAAA to the additional section (if
possible), just like we already do for type MX.
- more extensible edns option handling.
- When tcp is more than half full, use short timeout for tcp
session.
- Patch for {max,min}-{refresh,retry}-time
- Fix #790: size-limit-xfr can stop NSD from downloading
infinite zone transfer data size, from Toshifumi Sakaguchi.
Fixes CVE-2016-6173f
- BUGFIXES
- Fix compile warnings about unused result from write and
strtol. and signcompare in minmax retrytime.
- Fix #812: fix that make depend fails after distribution.
- Fix #817: xfrd update failed loop.
- Add robustness against unallocated data in nsec3 trees.
- Fix README spelling error of BSD license
- Fix multimaster for not tried full zone transfer for a
Marguerite Su (MargueriteSu)
accepted
request 417983
from
Adam Majer (adamm)
(revision 26)
- reword description and summary - add signature file and basic keyring (currently only contains signature of the released version since upstream doesn't seem to distribute a real keyring) - remove redundant nsec3 configure option which are enabled by default - remove obsolete --enable-draft-rrtypes configure
Marcus Rueckert (darix)
committed
(revision 25)
- update to 4.1.10
- FEATURES:
- ip-freebind: yesno option in nsd.conf sets IP_FREEBIND socket
option for Linux, binds to interfaces and addresses that are
down.
- NSD includes AAAA before A for queries over IPV6 (in
delegations). And TC is set if no glue can be provided with
a delegation because of packet size.
- print notice that nsd is starting before taking off.
- BUG FIXES:
- Fix for openssl 1.1.0, HMAC_CTX size not exported from
openssl.
- Fix #751: NSD fails to occlude names below a DNAME.
- If set without nsd.db print "" as the default in the man
pages.
- Fix #755: NSD spins after a zone update and a lot of TCP
queries.
- Fix for NSEC3 with zone signed without exact match for empty
nonterminals, the answer for that domain gets closest
encloser.
- #772 Document that recvmmsg has IPv6 problems on some linux
kernels.
Marcus Rueckert (darix)
committed
(revision 24)
- update to 4.1.9
- Change the nsd.db file version because of nanosecond precision
fix.
- changes from 4.1.8
- #732: tcp-mss, outgoing-tcp-mss options for nsd.conf, patch
from Daisuke Higashi.
- #739: zonefile changes when mtime is small are detected on
reload, if filesystem supports precision mtime values.
- RR type CSYNC (RFC7477) syntax is supported.
- take advantage of arc4random_uniform if available, patch from
Loganaden Velvindron.
- Fix flto check for OSX clang.
- Define _DEFAULT_SOURCE with _BSD_SOURCE for glibc 2.20 on
Linux.
- Fix #736: segfault during zone transfer.
- Fix #744: Fix that NSD replies for configured but unloaded zone
with SERVFAIL, not REFUSED.
Marcus Rueckert (darix)
committed
(revision 23)
- update to 4.1.7
- support configure --with-dbfile="" for nodb mode by default,
where there is no binary database, but nsd reads and writes
zonefiles.
- reuseport: no is the default, because the feature is not
troublefree.
- configure --enable-ratelimit-default-is-off with
--enable-ratelimit to set the default ratelimit to disabled but
available in nsd.conf.
- version: "string" option to set chaos version query reply
string.
- Fix zones updates from nsd parent event loop when there are a
lot of interfaces.
- portability fixes.
- patch from Doug Hogan for SSL_OP_NO_SSLvx options, for the new
defaults in the ssl libraries.
- updated contrib/nsd.spec, from Bálint Szigeti, with new
configure options.
- Allocate less memory for TSIG digest.
- Fix #721: Fix wrong error code (FORMERR) returned for unknown
opcode. NOTIMP expected.
- Fix zonec ttl mismatch printout to include more information.
- Fix TCP responses when REUSEPORT is in use by turning it off.
- Document default in manpage for rrl-slip, ip4 and 6
prefixlength.
- Explain rrl-slip better in documentation.
- Document that ratelimit qps and slip are updated in reconfig.
- Fix up defaults in manpage.
Marcus Rueckert (darix)
accepted
request 338341
from
Michael Ströder (stroeder)
(revision 20)
ignore absence of the systemd-tmpfiles command
Marcus Rueckert (darix)
committed
(revision 19)
- update to 4.1.1
- RFC 7344: CDS and CDNSKEY (read record types).
- per zone statistics with --enable-zone-stats, config zone with
zonestats: "name", zones configured with the same string are
added.
- Disabled use of SSLv3 in nsd-control.
- nsd-checkconf -f prints out full name of pidfile (with dir).
- Synthesize CNAMEs with same TTL as DNAME.
- Fix that expired zones stay expired after a server restart.
- Fix "xfrd_handle_ipc: bad mode" log errors when compiled with
--disable-bind8-stats.
- Fix #616: retry xfer for zones with no content after command.
- Fix char used as array index warnings on NetBSD.
- Fix that queries for noname CH TXT are REFUSED instead of
nodata.
- Fixes for wildcard addition and deletion, speedup for some
cases.
- Fix that failure to add tcp to tcp base does not leak the
socket.
- Patch nsd_munin_ from Philip Paeps to use type ABSOLUTE.
- Fix spinning NSD with lots of failing transfers, due to pointer
comparison using void pointer subtraction (from Otto Moerbeek).
- Fix bug#637: fix that nsd.db grows limitlessly, an off by one
on one megabyte free chunks, created during AXFRs of large
zones, that caused the one megabyte chunk to be leaked.
- Fix casts for ctype functions (from Todd Miller).
- correct some hyphen-used-as-minus-sign (from Andreas Schulze)
in man pages.
- Fix zonesdir chroot error message.
Marcus Rueckert (darix)
committed
(revision 18)
- update to 4.1.0 see /usr/share/doc/packages/NSD-4-features for the important changes
Marcus Rueckert (darix)
committed
(revision 17)
- update to 4.0.0 see /usr/share/doc/packages/NSD-4-features for the important changes - added systemd support
Marcus Rueckert (darix)
committed
(revision 16)
- update to 3.2.13: (bnc#774600) see /usr/share/doc/packages/nsd/ChangeLog This fixes VU#517036 CVE-2012-2979 and VU#624931 CVE-2012-2978.
Marcus Rueckert (darix)
committed
(revision 15)
- update to 3.2.8 see /usr/share/doc/packages/nsd/ChangeLog
Marcus Rueckert (darix)
accepted
request 46948
from
Marcus Hüwe (Marcus_H)
(revision 14)
Copy from home:Marcus_H:branches:server:dns/nsd via accept of submit request 46948 revision 3. Request was accepted with message: reviewed ok
Displaying revisions 81 - 100 of 113
