BIND 8.2.3 T6B is available for public testing

Paul A Vixie vixie at
Fri Jul 21 01:08:44 UTC 2000

This is NOT a release candidate. (Public T5B testing resulted in good changes.)

Highlights vs. BIND 8.2.3-T5B:

	infamous "munnari" bug suite fixed
	bad gettimeofday() results now caught
	NOTIFY messages now set AA per RFC1976
	IQUERY "information leak" plugged

Highlights vs. BIND 8.2.2-P5:

	Bug fixes

	fixed wierd IXFR-related bug
	forwarders are now used in order by measured RTT
	TSIG AXFR was completely broken in DiG
	"ndc reconfig -noexpired"

	zones signed by the BIND 9 signer failed to load.
	another almost-complete rewrite of IXFR.
	acl "none" now fails to match but doesn't end search.
	res_nsend() almost completely readable now.
	various small win/nt improvements.

the distribution files are:

the pgp signature files are:

top of CHANGES says:

	--- 8.2.3-T6B released ---

1029.	[bug]		incredibly busy systems could starve handle_needs().

1028.	[protocol]	unrecognized TSIG was returning NOERROR (now NOTAUTH).

1027.	[support]	INSIST(), ENSURE(), et al, now always have sideeffects.

1026.	[port]		some kernels bogusly return tv_usec>1000000 from
			gettimeofday().  panic and dump core when this happens.

1025.	[proto]		NOTIFY messages should have AA.

1024.	[bug]		we were unwilling to use the last 10 octets of a
			response buffer in certain transaction types.

1023.	[port]		HP-UX 10.20 was looping inside contrib/dnssigner.

1022.	[port]		ensure that all handled signals are unblocked.

1021.	[bug]		the "host" command wasn't properly printing SRV RR's.

1020.	[contrib]	new "updatehosts" (V1.1.0) contributed by author.

1019.	[port]		separate CFLAGS and CPPFLAGS for unusual builds.

1018.	[bug]		When maintain_ixfr_base is set to "no" a zones IXFR
			file was still being written too.

1017.	[doc]		resolver(3) was out of date with respect to recent API

1016.	[bug]		nslookup wasn't properly printing SIG RR's.

1015.	[bug]		when merging group information gr_name and gr_passwd
			could be left pointing at freed memory.

1014.	[bug]		iquery: DoS (potential), information leak.

1013.	[bug]		mangled hostent structures returned by
			gethostbyname_r() and friends.

1012.	[doc]		add named-bootconf example to INSTALL.

1011.	[bug]		if spawnxfer() fails we should return immediately.

1010.	[bug]		bad responses to the initial IXFR/SOA query could
			result in using an uninitalised variable.
1009.	[port]		Add support for darwin / Mac OS X

1008.	[doc]		specify allow-query default in named.conf.

1007.	[bug]		only set STREAM_AXFRIXFR if the original query is
			an IXFR.

	--- 8.2.3-T5B (RC3) released ---

1006.	[port]		Windows/NT does not have fchown().

1005.	[bug]		RD was sometimes left set, inappropriately.

1004.	[bug]		cached NXT's were corrupted.

1003.	[bug]		correction to #997.

1002.	[bug]		file descriptor leak in res_nclose().

1001.	[port]		some builds were too fast.

	--- 8.2.3-T4B (RC2) released ---

1000.	[bug]		#996 was wrongly implemented; replacement fix.

	--- 8.2.3-T3B released ---

 999.	[support]	named now makes an effort to create its files with
			ownership as specified by -u and -g command options.

 998.	[support]	show version number in NOTIFY log messages.

 997.	[support]	forwarders are now used in order by measured RTT.

 996.	[protocol]	if answering ixfr with full zone, used qtype axfr.

 995.	[bug]		"dig -b" was broken due to missing switch "break;"

 994.	[bug]		named-xfer did not handle empty question sections.

 993.	[bug]		TSIG AXFR was completely broken in DiG.

			non-single-bit flag values in src/bin/named/ns_defs.h.

 991.	[protocol]	send A6 glue records in xfr.

 990.	[bug]		we could loose track of a bottom of zone cut is the
			write buffer filled up at just the correct moment.

 989.	[bug]		apply to "fetch-glue no;" to notify processing.  need
			to add A records that would be found this way w/

 988.	[support]	report expired zones when detected in maintainence

 987.	[feature]	"ndc reconfig -noexpired" skip attempts to load
			expired zoned when reconfiguring.

 986.	[bug]		pushlev only needs to be called for axfr/zxfr not ixfr.

	--- 8.2.3-T2B released ---

 985.	[support]	remove "view" command from nslookup (it used mktemp()).

 984.	[bug]		always restart processing query from scratch if we
			have chased a CNAME as we might still have the answer
			in the cache once the CNAME has been resolved.

 983.	[support]	"notify from non-master server" is now debug, not info.

 982.	[bug]		rollback the compression pointers array when a
			RRset/RR does not fit.

 981.	[port]		decunix: typedef (u_)int#m_t

 980.	[bug]		mishandled memget failure w/ TCP connections.

 979.	[bug]		we were failing to call ns_stopxfrs() before calling
			purge_zone() in some cases.

 978.	[port]		sco50: setsockopt(SO_REUSEADDR) fails on unix domain

 977.	[bug]		we should be returning notimpl for update forwarding
			rather than refused.  a client receiving refused
			should terminate the update attempt.  notimpl should
			just cause the client to skip to the next server.

 976.	[bug]		some stats weren't getting incremented, & added a few.

 975.	[support]	SLAVE_FORWARD is now redundant and has been removed.

 974.	[port]		ultrix with vendor's y2k patch explicitly desupported.

 973.	[bug]		some field names added in #935 conflicted with macros.

 972.	[support]	restore heartbeat notifies.

 971.	[bug]		out of order updates in log.

 970.	[port]		solaris: add ipv6 interface scanning support.

 969.	[bug]		post process a zone load to remove any non-glue at
			or below bottom of zone.

 968.	[bug]		TSIGs failed to verify if the key name was compressed.

 967.	[bug]		zones signed by the BIND 9 signer failed to load.

	--- 8.2.3-T1A released ---

 966.	[bug]		nslookup and dig misprinted root zone in $ORIGIN.

 965.	[feature]	dig's command line input buffer was rather small.

 964.	[bug]		make res_nsearch() behave like res_search() of olde.

 963.	[bug]		res_debug::do_section() can no longer spin all VM.

 962.	[bug]		another almost-complete rewrite of IXFR from kjd (462)

 961.	[bug]		acl "none" now fails to match but doesn't end search.

 960.	[bug]		more hesiod library fixes from danny.

 959.	[doc]		christos fixed several man page typos and brainos.

 958.	[bug]		getnameinfo() should accept experimental/multicast.

 957.	[port]		ultrix again.  "cd" now presumed to be silent again.

 956.	[bug]		multiline was not being cleared correctly.

 955.	[bug]		explicit TTL on SOA records were being replaced with
			soa minimum.

 954.	[bug]		cannot load a signed root zone.

 953.	[bug]		memory overrun in set_zone_ixfr_file().

 952.	[bug]		errs was not being correctly adjusted if the included
			master file did not exist in db_load().

 951.	[bug]		contrib/dns_signer/signer: write_trim_name
			array bounds write error.

 950.	[bug]		hesiod: ctx->res was not being initalised.

 949.	[port]		aix32: add prand_conf.h and define WCOREDUMP

 948.	[bug]		fixed logic error in a number of expressions causing
			res_ninit() not to be called when it should be.

 947.	[bug]		sanity check in dst_read_key() wasn't.

 946.	[port]		freebsd: threaded library support.

 945.	[bug]		wrong file name logged in ixfr_have_log().

 944.	[doc]		add forwarders to zone types  master/slave/stub in 
			named.conf man page.

 943.	[bug]		raise CNAME and OTHER / multiple CNAME logging to 

 942.	[bug]		bad referrals logged for forwarders.

 941.	[bug]		lame server detection wasn't checking for SOA record.

 940.	[clarity]	unapproved -> denied in log messages.

 939.	[bug]		reload_master and purgeandload should write the zone
			if it has been updated.

 938.	[bug]		update and ixfr logs could get corrupted.  fseek()
			before ftell() on fopen(, "a+") file.

 937.	[support]	allow parallel makes to work.

 936.	[protocol]	add preliminary A6 glue recognition in ns_req.

 935.	[cleanup]	res_nsend() segmented into multiple functions for
			readability.  also fixed two file descriptor leaks.
			CAN_RECONNECT is gone, keep one socket per nameserver.

 934.	[bug]		Perror and Aerror where incorrect if DEBUG is not

 933.	[port]		cygwin port added

 932.	[port]		sco42 does not have unix domain sockets or gethostid.

 931.	[bug]		eventlib was not handling unix domain sockets

 930.	[bug]		we wern't using all the potential compression pointers
			in the question section.

 929.	[bug]		we were accepting updates (adds) with illegal ttls.

 928.	[bug]		if we manage to get a illegal ttl stored, print it

 927.	[port]		hpux: (11.* 10.30) Makefile.set.gcc

 926.	[port]		hpux10: gcc needs -D_HPUX_SOURCE and -fPIC

 925.	[protocol]	when a slave loads it should notify others (RFC 1996).

 924.	[port]		sunos solaris: #define NEED_SECURE_DIRECTORY to
			secure the directory containing unix domain socket
			rather than the socket itself.

 923.	[support]	shutup "make clean" about missing threaded directories.

 922.	[bug]		removing an cached zone file then performing a 
			"ndc reload zone" should force a zone transfer.

 921.	[bug]		nsupdate: listuprec was not being initalised.

 920.	[port]		aix4: Makefile.set.gcc
 			aix4: __P was being defined by <net/radix.h>

 919	[port]		linux: remove one level of symbolic linkage when
			performing make links on port/linux/include

 918.	[bug]		update prerequisite could match w/ wildcard.

 917.	[port]		irix: make the current IRIX release (6.5) work by
			not patching res_debug.c. see INSTALL if you have
			problems with 6.3.

 916.	[bug]		removing / changing a zone type could result in
			Z_NOTIFY being cleared / tested against the wrong zone.

 915.	[bug]		evNewWaitList() was not maintaining the prev chain.

 914.	[bug]		signal EWOULDBLOCK if EV_POLL'ing with no timers.

 913.	[bug]		input could get lost on the server side of a ctl sock.

 912.	[bug]		nsupdate now allows explicit 0 TTL's on added RR's.

 911.	[bug]		gethostbyname() should not return duplicate addresses.

 910.	[bug]		address-sorting logic was exiting early.

 909.	[bug]		dig wasn't respecting the +ti and +ret arguments.

 908.	[contrib]	Tony Stoneley sent us an updated misc/makezones.

 907.	[port]		winnt fixes from Larry at Nortel.

 906.	[bug]		res_findzonecut() failed if the NS referred to a CNAME.

 905.	[doc]		Minor fix to doc/man/Makefile for getnameinfo

 904.	[bug]		bin/host wasn't looking up MX records if no
			-t flags were passed to it.

	--- 8.2.2-P6 released ---

 903.	[bug]		divide by zero bug when querying for SIG records from
			a secure zone.

 902.	[support]	don't attempt to set q_fzone if we won't be using it.

 901.	[support]	delay notify timer setting until all zones have been

 900.	[port]		hpux10 fix call to bison; sco call bison consistenly.

 899.	[bug]		dynamically allocate buffer used to display RR rather
			than uses a fixed sized one. grow as needed.

 898.	[bug]		if truncation caused no RR's to appear in the answer we
			mis-classified the answer on a NODATA.

 897.	[support]	descriptors used by named should not be inherited by

 896.	[contrib]	add contrib/adm/adm-nxt, an exploit for the NXT bug
			in 8.2 and 8.2.1.  as before, we do not recommend its
			use, and we do recommend that you run the latest BIND.

	--- 8.2.2-P5 released ---

More information about the bind-announce mailing list