--- 9.7.1-P2 released ---
2931. [security] Temporarily and partially disable change 2864
because it would cause inifinite attempts of RRSIG
queries. This is an urgent care fix; we'll
revisit the issue and complete the fix later.
[RT #21710]
--- 9.7.1-P1 released ---
2926. [rollback] Temporarially rollback change 2748. [RT #21594]
2925. [bug] Named failed to accept uncachable negative responses
from insecure zones. [RT# 21555]
--- 9.7.1 released ---
--- 9.7.1rc1 released ---
2909. [bug] named-checkconf -p could die if "update-policy local;"
was specified in named.conf. [RT #21416]
2908. [bug] It was possible for re-signing to stop after removing
a DNSKEY. [RT #21384]
2907. [bug] The export version of libdns had undefined references.
[RT #21444]
2906. [bug] Address RFC 5011 implementation issues. [RT #20903]
2905. [port] aix: set use_atomic=yes with native compiler.
[RT #21402]
2904. [bug] When using DLV, sub-zones of the zones in the DLV,
could be incorrectly marked as insecure instead of
secure leading to negative proofs failing. This was
a unintended outcome from change 2890. [RT# 21392]
2903. [bug] managed-keys-directory missing from namedconf.c.
[RT #21370]
--- 9.7.1b1 released ---
2902. [func] Add regression test for change 2897. [RT #21040]
2901. [port] Use AC_C_FLEXIBLE_ARRAY_MEMBER. [RT #21316]
2900. [bug] The placeholder negative caching element was not
properly constructed triggering a INSIST in
dns_ncache_towire(). [RT #21346]
2899. [port] win32: Support linking against OpenSSL 1.0.0.
2898. [bug] nslookup leaked memory when -domain=value was
specified. [RT #21301]
2897. [bug] NSEC3 chains could be left behind when transitioning
to insecure. [RT #21040]
2896. [bug] "rndc sign" failed to properly update the zone
when adding a DNSKEY for publication only. [RT #21045]
2895. [func] genrandom: add support for the generation of multiple
files. [RT #20917]
2894. [contrib] DLZ LDAP support now use '$' not '%'. [RT #21294]
2893. [bug] Improve managed keys support. New named.conf option
managed-keys-directory. [RT #20924]
2892. [bug] Handle REVOKED keys better. [RT #20961]
2891. [maint] Update empty-zones list to match
draft-ietf-dnsop-default-local-zones-13. [RT# 21099]
2890. [bug] Handle the introduction of new trusted-keys and
DS, DLV RRsets better. [RT #21097]
2889. [bug] Elements of the grammar where not properly reported.
[RT #21046]
2888. [bug] Only the first EDNS option was displayed. [RT #21273]
2887. [bug] Report the keytag times in UTC in the .key file,
local time is presented as a comment within the
comment. [RT #21223]
2886. [bug] ctime() is not thread safe. [RT #21223]
2885. [bug] Improve -fno-strict-aliasing support probing in
configure. [RT #21080]
2884. [bug] Insufficient valadation in dns_name_getlabelsequence().
[RT #21283]
2883. [bug] 'dig +short' failed to handle really large datasets.
[RT #21113]
2882. [bug] Remove memory context from list of active contexts
before clearing 'magic'. [RT #21274]
2881. [bug] Reduce the amount of time the rbtdb write lock
is held when closing a version. [RT #21198]
2880. [cleanup] Make the output of dnssec-keygen and dnssec-revoke
consistent. [RT #21078]
2879. [contrib] DLZ bdbhpt driver fails to close correct cursor.
[RT #21106]
2878. [func] Incrementally write the master file after performing
a AXFR. [RT #21010]
2877. [bug] The validator failed to skip obviously mismatching
RRSIGs. [RT #21138]
2876. [bug] Named could return SERVFAIL for negative responses
from unsigned zones. [RT #21131]
2875. [bug] dns_time64_fromtext() could accept non digits.
[RT #21033]
2874. [bug] Cache lack of EDNS support only after the server
successfully responds to the query using plain DNS.
[RT #20930]
2873. [bug] Canceling a dynamic update via the dns/client module
could trigger an assertion failure. [RT #21133]
2872. [bug] Modify dns/client.c:dns_client_createx() to only
require one of IPv4 or IPv6 rather than both.
[RT #21122]
2871. [bug] Type mismatch in mem_api.c between the definition and
the header file, causing build failure with
--enable-exportlib. [RT #21138]
2870. [maint] Add AAAA address for L.ROOT-SERVERS.NET.
2869. [bug] Fix arguments to dns_keytable_findnextkeynode() call.
[RT #20877]
2868. [cleanup] Run "make clean" at the end of configure to ensure
any changes made by configure are integrated.
Use --with-make-clean=no to disable. [RT #20994]
2867. [bug] Don't set GSS_C_SEQUENCE_FLAG as Windows DNS servers
don't like it. [RT #20986]
2866. [bug] Windows does not like the TSIG name being compressed.
[RT #20986]
2865. [bug] memset to zero event.data. [RT #20986]
2864. [bug] Direct SIG/RRSIG queries were not handled correctly.
[RT #21050]
2863. [port] linux: disable IPv6 PMTUD and use network minimum MTU.
[RT #21056]
2862. [bug] nsupdate didn't default to the parent zone when
updating DS records. [RT #20896]
2861. [doc] dnssec-settime man pages didn't correctly document the
inactivation time. [RT #21039]
2860. [bug] named-checkconf's usage was out of date. [RT #21039]
2859. [bug] When cancelling validation it was possible to leak
memory. [RT #20800]
2858. [bug] RTT estimates were not being adjusted on ICMP errors.
[RT #20772]
2857. [bug] named-checkconf did not fail on a bad trusted key.
[RT #20705]
2856. [bug] The size of a memory allocation was not always properly
recorded. [RT #20927]
2853. [bug] add_sigs() could run out of scratch space. [RT #21015]
2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619]
2851. [doc] nslookup.1, removed <informalexample> from the docbook
source as it produced bad nroff. [RT #21007]
2850. [bug] If isc_heap_insert() failed due to memory shortage
the heap would have corrupted entries. [RT #20951]
(This is simply based on net/bind96).
BIND 9.7.0pl2 (9.7.0-P2)
New Features in BIND 9.7 - 'DNSSEC for Humans'
BIND 9.7 introduces several improvements, especially for simplifying
DNSSEC configuration and DNSSEC maintenance. This article lists some
of the new features and significant changes in BIND 9.7.
For more information please refer these webpage.
http://www.isc.org/software/bind/new-features/9.7http://www.isc.org/files/release-notes/9.7.0-P2%20rel%20notes.txt
taca