|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Andreas Gustafsson (Andreas.Gustafsson
nominum.com)Date: Fri Jun 29 2001 - 18:09:39 CDT
BIND 9.1.3rc3 is now available. This is a release candidate for
BIND 9.1.3. It contains fixes for a few bugs in BIND 9.1.3rc2
but no new features.
BIND 9.1.3rc3 can be downloaded from
ftp://ftp.isc.org/isc/bind9/9.1.3rc3/bind-9.1.3rc3.tar.gz
The PGP signature of the distribution is at
ftp://ftp.isc.org/isc/bind9/9.1.3rc3/bind-9.1.3rc3.tar.gz.asc
The signature was generated with the ISC public key, which is available
at <http://www.isc.org/ISC/isckey.txt>.
A list of changes made since 9.1.0 follows. For earlier changes,
see the file CHANGES in the distribution.
--------
--- 9.1.3rc3 released ---
911. [bug] Fail gracefully with multiple hint zones. [RT #1433]
910. [port] Some pre-RFC2133 IPv6 implementations do not define
IN6ADDR_ANY_INIT. [RT #1416]
--- 9.1.3rc2 released ---
904. [bug] The server would leak memory if attempting to use
an expired TSIG key. [RT #1406]
903. [bug] dig should not crash when receiving a TCP packet
of length 0.
902. [bug] The -d option was ignored if both -t and -g were also
specified.
901. [cleanup] The man pages no longer have empty lines outside of
literal blocks.
898. [bug] "dig" failed to set a nonzero exit status
on UDP query timeout. [RT #1323]
894. [bug] When using the DNSSEC tools, a message intended to warn
when the keyboard was being used because of the lack
of a suitable random device was not being printed.
892. [bug] The server could attempt to refresh a zone that
was being loaded, causing an assertion failure.
[RT #1335]
891. [bug] Return an error when a SIG(0) signed response to
an unsigned query is seen. This should actually
do the verification, but it's not currently
possible. [RT #1391]
888. [bug] Don't die when using TKEY to delete a nonexistent
TSIG key. [RT #1392]
860. [interop] Drop cross class glue in zone transfers.
852. [bug] Handle responses from servers which do not
now about IXFR.
850. [bug] dns_rbt_findnode() would not find nodes that were
split on a bitstring label somewhere other than in
the last label of the node. [RT #1351]
705. [port] Work out resource limit type for use where rlim_t is
not available. [RT #695]
704. [port] RLIMIT_NOFILE is not available on all platforms.
703. [port] sys/select.h is needed on older platforms. [RT #695]
--- 9.1.3rc1 released ---
831. [bug] The configure script tried to determine
endianness before making its final decision on
which C compiler to use, causing Solaris/x86
systems with gcc to be incorrectly identified
as big-endian. [RT #1315]
827. [bug] When an IXFR protocol error occurs, the slave
should retry with AXFR.
826. [bug] Some IXFR protocol errors were not detected.
825. [bug] zone.c:ns_query() detached from the wrong zone
reference. [RT #1264]
824. [bug] Correct line numbers reported by dns_master_load().
[RT #1263]
822. [bug] Sending nxrrset prerequisites would crash nsupdate.
[RT #1248]
806. [bug] DNS_R_SEENINCLUDE was failing to propagate back up
the calling stack to the zone maintence level, causing
zones to not reload when an included file was touched
but the top-level zone file was not.
771. [cleanup] TSIG errors related to unsynchronized clocks
are logged better. [RT #919]
734. [bug] An attempt to re-lock the zone lock could occur if
the server was shutdown during a zone tranfer.
[RT #830]
712. [bug] Sending a large signed update message caused an
assertion failure. [RT #718]
669. [bug] dnssec-keygen now makes the public key file
non-world-readable for symmetric keys. [RT #403]
--- 9.1.2 released ---
--- 9.1.2rc1 released ---
820. [bug] Name server address lookups failed to follow
A6 chains into the glue of local authoritative
zones.
819. [bug] In certain cases, the resolver's attempts to
restart an address lookup at the root could cause
the fetch to deadlock (with itself) instead of
restarting. [RT #1225]
818. [bug] Certain pathological responses to ANY queries could
cause an assertion failure. [RT #1218]
816. [bug] Report potential problems with log file accessibility
at configuration time, since such problems can't
reliably be reported at the time they actually occur.
815. [bug] If a log file was specified with a path separator
character (i.e. "/") in its name and the directory
did not exist, the log file's name was treated as
though it were the directory name. [RT #1189]
814. [bug] Socket objects left over from accept() failures
were incorrectly destroyed, causing corruption
of socket manager data structures.
813. [bug] File descriptors exceeding FD_SETSIZE were handled
badly. [RT #1192]
812. [bug] dig sometimes printed incomplete IXFR responses
due to an uninitialized variable. [RT #1188]
811. [bug] Parentheses were not quoted in zone dumps. [RT #1194]
810. [bug] The signer name in SIG records was not properly
downcased when signing/verifying records. [RT #1186]
807. [bug] When setting up TCP connections for incoming zone
transfers, the transfer-source port was not
ignored like it should be.
804. [bug] Attempting to obtain entropy could fail in some
situations. This would be most common on systems
with user-space threads. [RT #1131]
802. [bug] DNSSEC key tags were computed incorrectly in almost
all cases. [RT #1146]
801. [bug] nsupdate should treat lines beginning with ';' as
comments. [RT #1139]
800. [bug] dnssec-signzone produced incorrect statistics for
large zones. [RT #1133]
799. [bug] The ADB didn't find AAAA glue in a zone unless A6
glue was also present.
--- 9.1.1 released ---
--- 9.1.1rc7 released ---
791. [bug] The command channel now works over IPv6.
790. [bug] Wildcards created using dynamic update or IXFR
could fail to match. [RT #1111]
787. [bug] The DNSSEC tools failed to downcase domain
names when mapping them into file names.
786. [bug] When DNSSEC signing/verifying data, owner names were
not properly downcased.
--- 9.1.1rc6 released ---
785. [bug] A race condition in the resolver could cause
an assertion failure. [RT #673, #872, #1048]
784. [bug] nsupdate and other programs would not quit properly
if some signals were blocked by the caller. [RT #1081]
783. [bug] Following CNAMEs could cause an assertion failure
when either using an sdb database or under very
rare conditions.
780. [bug] Error handling code dealing with out of memory or
other rare errors could lead to assertion failures
by calling functions on unitialized names. [RT #1065]
--- 9.1.1rc5 released ---
778. [bug] When starting cache cleaning, cleaning_timer_action()
returned without first pausing the iterator, which
could cause deadlock. [RT #998]
777. [bug] An empty forwarders list in a zone failed to override
global forwarders. [RT #995]
775. [bug] Address match lists with invalid netmasks caused
the configuration parser to abort with an assertion
failure. [RT #996]
772. [bug] Owner names could be incorrectly omitted from cache
dumps in the presence of negative caching entries.
[RT #991]
686. [bug] dig and nslookup can now be properly aborted during
blocking operations. [RT #568]
--- 9.1.1rc4 released ---
767. [bug] The configuration parser handled invalid ports badly.
[RT #961]
766. [bug] A few cases in query_find() could leak fname.
This would trigger the mpctx->allocated == 0
assertion when the server exited.
[RT #739, #776, #798, #812, #818, #821, #845,
#892, #935, #966]
759. [bug] The resolver didn't turn off "avoid fetches" mode
when restarting, possibly causing resolution
to fail when it should not. This bug only affected
platforms which support both IPv4 and IPv6. [RT #927]
758. [bug] The "avoid fetches" code did not treat negative
cache entries correctly, causing fetches that would
be useful to be avoided. This bug only affected
platforms which support both IPv4 and IPv6. [RT #927]
756. [bug] dns_zone_load() could "return" success when no master
file was configured.
755. [bug] Fix incorrectly formatted log messages in zone.c.
709. [bug] ANY or SIG queries for data with a TTL of 0
would return SERVFAIL. [RT #620]
--- 9.1.1rc3 released ---
754. [bug] Certain failure conditions sending UDP packets
could cause the server to retry the transmission
indefinitely. [RT #902]
753. [bug] dig, host, and nslookup would fail to contact a
remote server if getaddrinfo() returned an IPv6
address on a system that doesn't support IPv6.
[RT #917]
750. [bug] A query should not match a DNAME whose trust level
is pending. [RT #916]
749. [bug] When a query matched a DNAME in a secure zone, the
server did not return the signature of the DNAME.
[RT #915]
747. [bug] The code to determine whether an IXFR was possible
did not properly check for a database that could
not have a journal. [RT #865, #908]
746. [bug] The sdb didn't clone rdatasets properly, causing
a crash when the server followed delegations. [RT #905]
744. [bug] When returning DNS_R_CNAME or DNS_R_DNAME as the
result of an ANY or SIG query, the resolver failed
to setup the return event's rdatasets, causing an
assertion failure in the query code. [RT #881]
743. [bug] Receiving a large number of certain malformed
answers could cause named to stop responding.
[RT #861]
742. [bug] dig +domain did not work. [RT #850]
738. [bug] If a non-threadsafe sdb driver supported AXFR and
received an AXFR request, it would deadlock or die
with an assertion failure. [RT #852]
737. [port] stdtime.c failed to compile on certain platforms.
648. [port] Add support for pre-RFC2133 IPv6 implementations.
--- 9.1.1rc2 released ---
733. [bug] Reference counts of dns_acl_t objects need to be
locked but were not. [RT #801, #821]
708. [bug] When building with --with-openssl, the openssl headers
included with BIND 9 should not be used. [RT #702]
--- 9.1.1rc1 released ---
729. [port] pthread_setconcurrency() needs to be called on Solaris.
727. [port] Work around OS bug where accept() succeeds but
fails to fill in the peer address of the accepted
connection, by treating it as an error rather than
an assertion failure. [RT #809]
723. [bug] Referrals whose NS RRs had a 0 TTL caused the resolver
to return DNS_R_SERVFAIL. [RT #783]
720. [bug] Server could enter infinite loop in
dispatch.c:do_cancel(). [RT #733]
719. [bug] Rapid reloads could trigger an assertion failure.
[RT #743, #763]
717. [bug] Certain TKEY processing failure modes could
reference an uninitialized variable, causing the
server to crash. [RT #750]
716. [bug] The first line of a $INCLUDE master file was lost if
an origin was specified. [RT #744]
715. [bug] Resolving some A6 chains could cause an assertion
failure in adb.c. [RT #738]
711. [bug] The libisc and liblwres implementations of
inet_ntop contained an off by one error.
706. [bug] Zones with an explicit "allow-update { none; };"
were considered dynamic and therefore not reloaded
on SIGHUP or "rndc reload".
700. [bug] $GENERATE range check was wrong. [RT #688]
698. [bug] Aborting nsupdate with ^C would lead to several
race conditions.
699. [bug] The lexer mishandled empty quoted strings. [RT #694]
694. [bug] $GENERATE did not produce the last entry.
[RT #682, #683]
693. [bug] An empty lwres statement in named.conf caused
the server to crash while loading.
692. [bug] Deal with systems that have getaddrinfo() but not
gai_strerror(). [RT #679]
691. [bug] Configuring per-view forwarders caused an assertion
failure. [RT #675, #734]
--- 9.1.0 released ---
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]