BIND 9.6.0 is now available.
Mark Andrews
Mark_Andrews at isc.org
Tue Dec 23 21:29:20 UTC 2008
BIND 9.6.0 is now available.
BIND 9.6.0 is a development release of BIND 9.
Bugs should be reported to bind9-bugs at isc.org.
BIND 9.6 has a number of new features over 9.5, including:
Full NSEC3 support
Automatic zone re-signing
New update-policy methods tcp-self and 6to4-self
BIND 9.6.0 can be downloaded from
ftp://ftp.isc.org/isc/bind9/9.6.0/bind-9.6.0.tar.gz
The PGP signature of the distribution is at
ftp://ftp.isc.org/isc/bind9/9.6.0/bind-9.6.0.tar.gz.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/bind-9.6.0.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/bind-9.6.0.tar.gz.sha512.asc
The signature was generated with the ISC public key, which is
available at <http://www.isc.org/ISC/isckey.txt>.
A binary kit for Windows XP and Window 2003 is at
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.zip
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.debug.zip
The PGP signature of the binary kit for Windows XP and Window 2003 is at
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.zip.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.zip.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.zip.sha512.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.debug.zip.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.debug.zip.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.6.0/BIND9.6.0.debug.zip.sha512.asc
Changes since BIND 9.6.0a1
--- 9.6.0 released ---
2520. [bug] Update xml statistics version number to 2.0 as change
#2388 made the schema incompatible to the previous
version. [RT #19080]
--- 9.6.0rc2 released ---
2515. [port] win32: build dnssec-dsfromkey and dnssec-keyfromlabel.
[RT #19063]
2513 [bug] Fix windows cli build. [RT #19062]
2510. [bug] "dig +sigchase" could trigger REQUIRE failures.
[RT #19033]
2509. [bug] Specifying a fixed query source port was broken.
[RT #19051]
2504. [bug] Address race condition in the socket code. [RT #18899]
--- 9.6.0rc1 released ---
2498. [bug] Removed a bogus function argument used with
ISC_SOCKET_USE_POLLWATCH: it could cause compiler
warning or crash named with the debug 1 level
of logging. [RT #18917]
2497. [bug] Don't add RRSIG bit to NSEC3 bit map for insecure
delegation.
2496. [bug] Add sanity length checks to NSID option. [RT #18813]
2495. [bug] Tighten RRSIG checks. [RT #18795]
2494. [bug] isc/radix.h, dns/sdlz.h and dns/dlz.h were not being
installed. [RT #18826]
2493. [bug] The linux capabilities code was not correctly cleaning
up after itself. [RT #18767]
2492. [func] Rndc status now reports the number of cpus discovered
and the number of worker threads when running
multi-threaded. [RT #18273]
2491. [func] Attempt to re-use a local port if we are already using
the port. [RT #18548]
2490. [port] aix: work around a kernel bug where IPV6_RECVPKTINFO
is cleared when IPV6_V6ONLY is set. [RT #18785]
2489. [port] solaris: Workaround Solaris's kernel bug about
/dev/poll:
http://bugs.opensolaris.org/view_bug.do?bug_id=6724237
Define ISC_SOCKET_USE_POLLWATCH at build time to enable
this workaround. [RT #18870]
2488. [func] Added a tool, dnssec-dsfromkey, to generate DS records
from keyset and .key files. [RT #18694]
2487. [bug] Give TCP connections longer to complete. [RT #18675]
2486. [func] The default locations for named.pid and lwresd.pid
are now /var/run/named/named.pid and
/var/run/lwresd/lwresd.pid respectively.
This allows the owner of the containing directory
to be set, for "named -u" support, and allows there
to be a permanent symbolic link in the path, for
"named -t" support. [RT #18306]
2485. [bug] Change update's the handling of obscured RRSIG
records. Not all orphaned DS records were being
removed. [RT #18828]
2484. [bug] It was possible to trigger a REQUIRE failure when
adding NSEC3 proofs to the response in
query_addwildcardproof(). [RT #18828]
2483. [port] win32: chroot() is not supported. [RT #18805]
2482. [port] libxml2: support versions 2.7.* in addition
to 2.6.*. [RT #18806]
--- 9.6.0b1 released ---
2481. [bug] rbtdb.c:matchparams() failed to handle NSEC3 chain
collisions. [RT #18812]
2480. [bug] named could fail to emit all the required NSEC3
records. [RT #18812]
2479. [bug] xfrout:covers was not properly initialized. [RT #18801]
2478. [bug] 'addresses' could be used uninitialized in
configure_forward(). [RT #18800]
2477. [bug] dig: the global option to print the command line is
+cmd not print_cmd. Update the output to reflect
this. [RT #17008]
2476. [doc] ARM: improve documentation for max-journal-size and
ixfr-from-differences. [RT #15909] [RT #18541]
2475. [bug] LRU cache cleanup under overmem condition could purge
particular entries more aggressively. [RT #17628]
2474. [bug] ACL structures could be allocated with insufficient
space, causing an array overrun. [RT #18765]
2473. [port] linux: raise the limit on open files to the possible
maximum value before spawning threads; 'files'
specified in named.conf doesn't seem to work with
threads as expected. [RT #18784]
2472. [port] linux: check the number of available cpu's before
calling chroot as it depends on "/proc". [RT #16923]
2471. [bug] named-checkzone was not reporting missing mandatory
glue when sibling checks were disabled. [RT #18768]
2470. [bug] Elements of the isc_radix_node_t could be incorrectly
overwritten. [RT# 18719]
2469. [port] solaris: Work around Solaris's select() limitations.
[RT #18769]
2468. [bug] Resolver could try unreachable servers multiple times.
[RT #18739]
2467. [bug] Failure of fcntl(F_DUPFD) wasn't logged. [RT #18740]
2466. [doc] ARM: explain max-cache-ttl 0 SERVFAIL issue.
[RT #18302]
2465. [bug] Adb's handling of lame addresses was different
for IPv4 and IPv6. [RT #18738]
2464. [port] linux: check that a capability is present before
trying to set it. [RT #18135]
2463. [port] linux: POSIX doesn't include the IPv6 Advanced Socket
API and glibc hides parts of the IPv6 Advanced Socket
API as a result. This is stupid as it breaks how the
two halves (Basic and Advanced) of the IPv6 Socket API
were designed to be used but we have to live with it.
Define _GNU_SOURCE to pull in the IPv6 Advanced Socket
API. [RT #18388]
2462. [doc] Document -m (enable memory usage debugging)
option for dig. [RT #18757]
2461. [port] sunos: Change #2363 was not complete. [RT #17513]
--- 9.6.0a1 released ---
More information about the bind-users
mailing list