ISC BIND 9.6.1b1 is now available

Evan Hunt Evan_Hunt at isc.org
Fri Mar 20 21:53:20 UTC 2009 

		BIND 9.6.1 Beta 1 is now available.

	BIND 9.6.1b1 is a beta maintenance release for BIND 9.6.

BIND 9.6.1b1 can be downloaded from

        ftp://ftp.isc.org/isc/bind9/9.6.1b1/bind-9.6.1b1.tar.gz

The PGP signature of the distribution is at

        ftp://ftp.isc.org/isc/bind9/9.6.1b1/bind-9.6.1b1.tar.gz.asc
        ftp://ftp.isc.org/isc/bind9/9.6.1b1/bind-9.6.1b1.tar.gz.sha256.asc
        ftp://ftp.isc.org/isc/bind9/9.6.1b1/bind-9.6.1b1.tar.gz.sha512.asc

The signature was generated with the ISC public key, which is
available at <http://www.isc.org/about/openpgp/pgpkey2006.txt>.

A binary kit for Windows XP, Windows 2003 and Windows 2008 is at

	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.zip
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.debug.zip

The PGP signature of the binary kit is at
        
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.zip.asc
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.zip.sha256.asc
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.zip.sha512.asc
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.debug.zip.asc
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.debug.zip.sha256.asc
	ftp://ftp.isc.org/isc/bind9/9.6.1b1/BIND9.6.1b1.debug.zip.sha512.asc

Changes since 9.6.0:

	--- 9.6.1b1 released ---

2577.	[doc]		Clarified some statistics counters. [RT #19454]

2576.	[bug]		NSEC record were not being correctly signed when
			a zone transitions from insecure to secure.
			Handle such incorrectly signed zones. [RT #19114]

2574.	[doc]		Document nsupdate -g and -o. [RT #19351]

2573.	[bug]		Replacing a non-CNAME record with a CNAME record in a
			single transaction in a signed zone failed. [RT #19397]

2568.	[bug]		Report when the write to indicate a otherwise
			successful start fails. [RT #19360]

2567.	[bug]		dst__privstruct_writefile() could miss write errors.
			write_public_key() could miss write errors.
			dnssec-dsfromkey could miss write errors.
			[RT #19360]

2564.	[bug]		Only take EDNS fallback steps when processing timeouts.
			[RT #19405]

2563.	[bug]		Dig could leak a socket causing it to wait forever
			to exit. [RT #19359]

2561.	[doc]		Add isc-config.sh(1) man page. [RT #16378]

2560.	[bug]		Add #include <config.h> to iptable.c. [RT #18258]

2559.	[bug]		dnssec-dsfromkey could compute bad DS records when
			reading from a K* files.  [RT #19357]

2557.	[cleanup]	PCI compliance:
			* new libisc log module file
			* isc_dir_chroot() now also changes the working
			  directory to "/".
			* additional INSISTs
			* additional logging when files can't be removed.

2556.	[port]		Solaris: mkdir(2) on tmpfs filesystems does not do the
			error checks in the correct order resulting in the
			wrong error code sometimes being returned. [RT #19249]
			
2554.	[bug]		Validation of uppercase queries from NSEC3 zones could
			fail. [RT #19297]

2553.	[bug]		Reference leak on DNSSEC validation errors. [RT #19291]

2552.	[bug]		zero-no-soa-ttl-cache was not being honoured.
			[RT #19340]

2551.	[bug]		Potential Reference leak on return. [RT #19341]

2550.	[bug]		Check --with-openssl=<path> finds <openssl/opensslv.h>.
			[RT #19343]

2549.	[port]		linux: define NR_OPEN if not currently defined.
			[RT #19344]

2548.	[bug]		Install iterated_hash.h. [RT #19335]

2547.	[bug]		openssl_link.c:mem_realloc() could reference an
			out-of-range area of the source buffer.  New public
			function isc_mem_reallocate() was introduced to address
			this bug. [RT #19313]

2545.	[doc]		ARM: Legal hostname checking (check-names) is
			for SRV RDATA too. [RT #19304]

2544.	[cleanup]	Removed unused structure members in adb.c. [RT #19225]

2543.	[contrib]	Update contrib/zkt to version 0.98. [RT #19113]

2542.	[doc]		Update the description of dig +adflag. [RT #19290]

2541.	[bug]		Conditionally update dispatch manager statistics.
			[RT #19247]

2539.	[security]	Update the interaction between recursion, allow-query,
			allow-query-cache and allow-recursion.  [RT #19198]

2538.	[bug]		cache/ADB memory could grow over max-cache-size,
			especially with threads and smaller max-cache-size
			values. [RT #19240]

2537.	[experimental]	Added more statistics counters including those on socket
			I/O events and query RTT histograms. [RT #18802]

2536.	[cleanup]	Silence some warnings when -Werror=format-security is
			specified. [RT #19083]

2535.	[bug]		dig +showsearh and +trace interacted badly. [RT #19091]

2532.	[bug]		dig: check the question section of the response to
			see if it matches the asked question. [RT #18495]

2531.	[bug]		Change #2207 was incomplete. [RT #19098]

2530.	[bug]		named failed to reject insecure to secure transitions
			via UPDATE. [RT #19101]

2529.	[cleanup]	Upgrade libtool to silence complaints from recent
			version of autoconf. [RT #18657]

2528.   [cleanup]       Silence spurious configure warning about
                        --datarootdir [RT #19096]

2527.	[bug]		named could reuse cache on reload with
			enabling/disabling validation. [RT #19119]

2525.	[experimental]	New logging category "query-errors" to provide detailed
			internal information about query failures, especially
			about server failures. [RT #19027]

2524.	[port]		sunos: dnssec-signzone needs strtoul(). [RT #19129]

2523.	[bug]		Random type rdata freed by dns_nsec_typepresent().
			[RT #19112]

2522.	[security]	Handle -1 from DSA_do_verify() and EVP_VerifyFinal().

2521.	[bug]		Improve epoll cross compilation support. [RT #19047]

2519.	[bug]		dig/host with -4 or -6 didn't work if more than two
			nameserver addresses of the excluded address family
			preceded in resolv.conf. [RT #19081]

2517.	[bug]		dig +trace with -4 or -6 failed when it chose a
			nameserver address of the excluded address.
			[RT #18843]

2516.	[bug]		glue sort for responses was performed even when not
			needed. [RT #19039]

2514.	[bug]		dig/host failed with -4 or -6 when resolv.conf contains
			a nameserver of the excluded address family.
			[RT #18848]

2511.	[cleanup]	dns_rdata_tofmttext() add const to linebreak.
			[RT #18885]

2506.	[port]		solaris: Check at configure time if 
			hack_shutup_pthreadonceinit is needed. [RT #19037]

2505.	[port]		Treat amd64 similarly to x86_64 when determining
			atomic operation support. [RT #19031]

2503.	[port]		linux: improve compatibility with Linux Standard
			Base. [RT #18793]

2502.	[cleanup]	isc_radix: Improve compliance with coding style,
			document function in <isc/radix.h>. [RT #18534]

-- 
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.

More information about the bind-announce mailing list