Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
patchinfo.27244
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.27244
<patchinfo incident="27244"> <issue tracker="jsc" id="SLE-24600"/> <issue tracker="jsc" id="SLE-24801"/> <packager>jcronenberg</packager> <rating>moderate</rating> <category>feature</category> <summary>Feature update for bind</summary> <description>This update for bind fixes the following issues: Version update from 9.16.33 to 9.16.35 (jsc#SLE-24801, jsc#SLE-24600) - New Features: * Support for parsing and validating the dohpath service parameter in SVCB records was added. * named now logs the supported cryptographic algorithms during startup and in the output of named -V - Bug Fixes: * A crash was fixed that happened when a dnssec-policy zone that used NSEC3 was reconfigured to enable inline-signing. * In certain resolution scenarios, quotas could be erroneously reached for servers, including any configured forwarders, resulting in SERVFAIL answers being sent to clients. * rpz-ip rules in response-policy zones could be ineffective in some cases if a query had the CD (Checking Disabled) bit set to 1. * Previously, if Internet connectivity issues were experienced during the initial startup of named, a BIND resolver with dnssec-validation set to auto could enter into a state where it would not recover without stopping named, manually deleting the managed-keys.bind and managed-keys.bind.jnl files, and starting named again. * The statistics counter representing the current number of clients awaiting recursive resolution results (RecursClients) could overflow in certain resolution scenarios. * Previously, BIND failed to start on Solaris-based systems with hundreds of CPUs. * When a DNS resource records TTL value was equal to the resolver configured prefetch eligibility value, the record was erroneously not treated as eligible for prefetching. * Changing just the TSIG key names for primaries in catalog zones member zones was not effective. This has been fixed. - Known Issues: * Upgrading from BIND 9.16.32 or any older version may require a manual configuration change. The following configurations are affected: + type primary zones configured with dnssec-policy but without either allow-update or update-policy + type secondary zones configured with dnssec-policy In these cases please add inline-signing yes; to the individual zone configuration(s). Without applying this change, named will fail to start. For more details, see https://kb.isc.org/docs/dnssec-policy-requires-dynamic-dns-or-inline-signing </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
