BIND 9.4.0b2 is now available.
BIND 9.4.0b2 is a beta release for BIND 9.4.0.
BIND 9.4.0b2 contains security fixes:
2066. [security] Handle SIG queries gracefully. [RT #16300]
1941. [bug] ncache_adderesult() should set
eresult even if no
rdataset is passed to it. [RT
#15642]
If you are running a BIND 9.3.x or BIND 9.4.x version
without
these changes you are advised to upgrade as soon as
possible to
one of BIND 9.3.2-P1, BIND 9.3.3rc2 or BIND 9.4.0b2.
Please as a minimum please perform a test build on your
operating system. We don't have test platforms for every
operating system and sometimes we accidently break builds.
Now is the time to tell us about that.
Now is the time to report any bugs introduced in this
release
cycle. Except for *major* bugs, all bugs which pre-date
this release cycle will be deferred until the next release.
The aim is to be better than and definitely no worse than
the last release. Bugs should be reported to
bind9-bugs isc.org.
BIND 9.4 has a number of new features over BIND 9.3,
including:
Implemented "additional section caching" (or
"acache"), an
internal cache framework for additional section content to
improve response performance. Several configuration
options
were provided to control the behavior.
New notify type 'master-only'. Enable notify for master
zones only.
Accept 'notify-source' style syntax for query-source.
rndc now allows addresses to be set in the server clauses.
New option "allow-query-cache". This lets
allow-query be
used to specify the default zone access level rather than
having to have every zone override the global value.
allow-query-cache can be set at both the options and view
levels. If allow-query-cache is not set allow-query
applies.
rndc: the source address can now be specified.
ixfr-from-differences now takes master and slave in
addition
to yes and no at the options and view levels.
Allow the journal's name to be changed via named.conf.
'rndc notify zone [class [view]]' resend the NOTIFY
messages
for the specified zone.
'dig +trace' now randomly selects the next servers to
try.
Report if there is a bad delegation.
Improve check-names error messages.
Make public the function to read a key file,
dst_key_read_public().
dig now returns the byte count for axfr/ixfr.
allow-update is now settable at the options / view level.
named-checkconf now checks the logging configuration.
host now can turn on memory debugging flags with '-m'.
Don't send notify messages to self.
Perform sanity checks on NS records which refer to 'in
zone' names.
New zone option "notify-delay". Specify a
minimum delay
between sets of NOTIFY messages.
Extend adjusting TTL warning messages.
Named and named-checkzone can now both check for
non-terminal
wildcard records.
"rndc freeze/thaw" now freezes/thaws all zones.
named-checkconf now check acls to verify that they only
refer to existing acls.
The server syntax has been extended to support a range of
servers.
Report differences between hints and real NS rrset and
associated address records.
Preserve the case of domain names in rdata during zone
transfers.
Restructured the data locking framework using architecture
dependent atomic operations (when available), improving
response performance on multi-processor machines
significantly.
x86, x86_64, alpha, powerpc, and mips are currently
supported.
UNIX domain controls are now supported.
Add support for additional zone file formats for improving
loading performance. The masterfile-format option in
named.conf can be used to specify a non-default format. A
separate command named-compilezone was provided to generate
zone files in the new format. Additionally, the -I and -O
options for dnssec-signzone specify the input and output
formats.
dnssec-signzone can now randomize signature end times
(dnssec-signzone -j jitter).
Add support for CH A record.
Add additional zone data consistancy checks.
named-checkzone
has extended checking of NS, MX and SRV record and the
hosts
they reference. named has extended post zone load checks.
New zone options: check-mx and integrity-check.
edns-udp-size can now be overridden on a per server basis.
dig can now specify the EDNS version when making a query.
Added framework for handling multiple EDNS versions.
Additional memory debugging support to track size and mctx
arguments.
Detect duplicates of UDP queries we are recursing on and
drop them. New stats category "duplicates".
Memory management. "USE INTERNAL MALLOC" is now
runtime selectable.
The lame cache is now done on a <qname,qclass,qtype>
basis
as some servers only appear to be lame for certain query
types.
Limit the number of recursive clients that can be waiting
for a single query (<qname,qtype,qclass>) to resolve.
New
options clients-per-query and max-clients-per-query.
dig: report the number of extra bytes still left in the
packet after processing all the records.
Support for IPSECKEY rdata type.
Raise the UDP receive buffer size to 32k if it is less than
32k.
x86 and x86_64 now have separate atomic locking
implementations.
named-checkconf now validates update-policy entries.
Attempt to make the amount of work performed in a iteration
self tuning. The covers nodes clean from the cache per
iteration, nodes written to disk when rewriting a master
file and nodes destroyed per iteration when destroying a
zone or a cache.
ISC string copy API.
Automatic empty zone creation for D.F.IP6.ARPA and friends.
Note: RFC 1918 zones are not yet covered by this but are
likely to be in a future release.
New options: empty-server, empty-contact,
empty-zones-enable
and disable-empty-zone.
dig now has a '-q queryname' and '+showsearch' options.
host/nslookup now continue (default)/fail on SERVFAIL.
dig now warns if 'RA' is not set in the answer when
'RD'
was set in the query. host/nslookup skip servers that fail
to set 'RA' when 'RD' is set unless a server is
explicitly
set.
Integrate contributed DLZ code into named.
Integrate contributed IDN code from JPNIC.
Validate pending NS RRsets, in the authority section, prior
to returning them if it can be done without requiring
DNSKEYs
to be fetched.
It is now possible to configure named to accept expired
RRSIGs. Default "dnssec-accept-expired no;".
Setting
"dnssec-accept-expired yes;" leaves named
vulnerable to
replay attacks.
Additional memory leakage checks.
The maximum EDNS UDP response named will send can now be
set in named.conf (max-udp-size). This is independent of
the advertised receive buffer (edns-udp-size).
Named now falls back to advertising EDNS with a 512 byte
receive buffer if the initial EDNS queries fail.
Control the zeroing of the negative response TTL to a soa
query. Defaults "zero-no-soa-ttl yes;" and
"zero-no-soa-ttl-cache no;".
Separate out MX and SRV to CNAME checks.
dig/nslookup/host: warn about missing "QR".
TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and
HMACSHA512 support.
dnssec-signzone: output the SOA record as the first record
in the signed zone.
Two new update policies. "selfsub" and
"selfwild".
dig, nslookup and host now advertise a 4096 byte EDNS UDP
buffer size by default.
Report when a zone is removed.
DS/DLV SHA256 digest algorithm support.
Implement "rrset-order fixed".
Check the KSK flag when updating a secure dynamic zone.
New zone option "update-check-ksk yes;".
It is now possible to explicitly enable DNSSEC validation.
default dnssec-validation no; to be changed to yes in
9.5.0.
It is now possible to enable/disable DNSSEC validation
from rndc. This is useful for the mobile hosts where the
current connection point breaks DNSSEC (firewall/proxy).
rndc validation newstate [view]
dnssec-signzone can now update the SOA record of the signed
zone, either as an increment or as the system time().
Statistics about acache now recorded and sent to log.
libbind: corresponds to that from BIND 8.4.7.
BIND 9.4.0b2 can be downloaded from
ftp://ftp.isc.org/isc/bind9/9.4.0b2/bind-9.4.0b2.tar.gz
The PGP signature of the distribution is at
ftp://ftp.isc.org/isc/bind9/9.4.0b2/bind-9.4.0b2.tar.gz.asc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/bind-9.4.0b2.tar.gz.sha2
56.asc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/bind-9.4.0b2.tar.gz.sha5
12.asc
The signature was generated with the ISC public key, which
is
available at <
http://www.isc.org/about/openpgp/pgpkey2006.txt>.
A binary kit for Windows NT 4.0, Windows 2000, Windows XP
and Window 2003 is at
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.zip
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.debug.zip
The PGP signature of the binary kit for Windows NT 4.0,
Windows 2000,
Windows XP and Window 2003 is at
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.zip.asc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.zip.sha256.
asc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.zip.sha512.
asc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.debug.zip.a
sc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.debug.zip.s
ha256.asc
ftp://ftp.isc.org/isc/bind9/9.4.0b2/BIND9.4.0b2.debug.zip.s
ha512.asc
Changes since 9.4.0a1.
--- 9.4.0b2 released ---
2081. [port] libbind: minor 64-bit portability fix in
memcluster.c.
[RT #16360]
2080. [port] libbind: res_init.c did not compile on older
versions
of Solaris. [RT #16363]
2079. [bug] The lame cache was not handling multiple types
correctly. [RT #16361]
2078. [bug] dnssec-checkzone output style
"default" was badly
named. It is now called "relative". [RT
#16326]
2077. [bug] 'dnssec-signzone -O raw' wasn't outputing
the
complete signed zone. [RT #16326]
2076. [bug] Several files were missing #include
<config.h>
causing build failures on OSF. [RT #16341]
2075. [bug] The spillat timer event hander could leak
memory.
[RT #16357]
2074. [bug] dns_request_createvia2(),
dns_request_createvia3(),
dns_request_createraw2() and dns_request_createraw3()
failed to send multiple UDP requests. [RT #16349]
2073. [bug] Incorrect semantics check for update policy
"wildcard".
[RT #16353]
2072. [bug] We were not generating valid HMAC SHA digests.
[RT #16320]
2071. [port] Test whether gcc accepts -fno-strict-aliasing.
[RT #16324]
2070. [bug] The remote address was not always displayed
when
reporting dispatch failures. [RT #16315]
2069. [bug] Cross compiling was not working. [RT #16330]
2068. [cleanup] Lower incremental tuning message to debug 1.
[RT #16319]
2067. [bug] 'rndc' could close the socket too early
triggering
a INSIST under Windows. [RT #16317]
2066. [security] Handle SIG queries gracefully. [RT #16300]
2065. [bug] libbind: probe for HPUX prototypes for
endprotoent_r() and endservent_r(). [RT 16313]
2064. [bug] libbind: silence AIX compiler warnings. [RT
#16218]
2063. [bug] Change #1955 introduced a bug which caused the
first
'rndc flush' call to not free memory. [RT #16244]
2062. [bug] 'dig +nssearch' was reusing a buffer before
it had
been returned by the socket code. [RT #16307]
2061. [bug] Accept expired wildcard message reversed. [RT
#16296]
2060. [bug] Enabling DLZ support could leave views
partially
configured. [RT #16295]
--- 9.4.0b1 released ---
2059. [bug] Search into cache rbtdb could trigger an INSIST
failure while cleaning up a stale rdataset.
[RT #16292]
2058. [bug] Adjust how we calculate rtt estimates in the
presence
of authoritative servers that drop EDNS and/or CD
requests. Also fallback to EDNS/512 and plain DNS
faster for zones with less than 3 servers. [RT #16187]
2057. [bug] Make setting "ra" dependent on both
allow-query-cache
and allow-recursion. [RT #16290]
2056. [bug] dig: ixfr= was not being treated case
insensitively
at all times. [RT #15955]
2055. [bug] Missing goto after dropping multicast query.
[RT #15944]
2054. [port] freebsd: do not explicitly link against
-lpthread.
[RT #16170]
2053. [port] netbsd:libbind: silence compiler warnings. [RT
#16220]
2052. [bug] 'rndc' improve connect failed message to
report
the failing address. [RT #15978]
2051. [port] More strtol() fixes. [RT #16249]
2050. [bug] Parsing of NSAP records was not case
insensitive.
[RT #16287]
2049. [bug] Restore SOA before AXFR when falling back from
a attempted IXFR when transfering in a zone.
Allow a initial SOA query before attempting
a AXFR to be requested. [RT #16156]
2048. [bug] It was possible to loop forever when using
avoid-v4-udp-ports / avoid-v6-udp-ports when
the OS always returned the same local port.
[RT #16182]
2047. [bug] Failed to initialise the interface flags to
zero.
[RT #16245]
2046. [bug] rbtdb.c:rdataset_setadditional() could cause
duplicate
cleanup [RT #16247].
2045. [func] Use lock buckets for acache entries to limit
memory
consumption. [RT #16183]
2044. [port] Add support for atomic operations for Itanium.
[RT #16179]
2043. [port] nsupdate/nslookup: Force the flushing of the
prompt
for interactive sessions. [RT#16148]
2042. [bug] named-checkconf was incorrectly rejecting the
logging category "config". [RT #16117]
2041. [bug] "configure --with-dlz-bdb=yes"
produced a bad
set of libraries to be linked. [RT #16129]
2040. [bug] rbtdb no_references() could trigger an INSIST
failure with --enable-atomic. [RT #16022]
2039. [func] Check that all buffers passed to the socket
code
have been retrieved when the socket event is freed.
[RT #16122]
2038. [bug] dig/nslookup/host was unlinking from wrong list
when handling errors. [RT #16122]
2037. [func] When unlinking the first or last element in a
list
check that the list head points to the element to
be unlinked. [RT #15959]
2036. [bug] 'rndc recursing' could cause trigger a
REQUIRE.
[RT #16075]
2034. [bug] gcc: set -fno-strict-aliasing. [RT #16124]
2033. [bug] We wern't creating multiple client memory
contexts
on demand as expected. [RT #16095]
--- 9.4.0a6 released ---
2032. [bug] Remove a INSIST in query_addadditional2(). [RT
#16074]
2031. [bug] Emit a error message when "rndc
refresh" is called on
a non slave/stub zone. [RT # 16073]
2030. [bug] We were being overly conservative when
disabling
openssl engine support. [RT #16030]
2029. [bug] host printed out the server multiple times when
specified on the command line. [RT #15992]
2028. [port] linux: socket.c compatability for old systems.
[RT #16015]
2027. [port] libbind: Solaris x86 support. [RT #16020]
2026. [bug] Rate limit the two recursive client exceeded
messages.
[RT #16044]
2025. [func] Update "zone serial unchanged"
message. [RT #16026]
2024. [bug] named emited spurious "zone serial
unchanged"
messages on reload. [RT #16027]
2023. [bug] "make install" should create
$/run and
$ if they do not exist. [RT #16033]
2022. [bug] If dnssec validation is disabled only assert CD
if
CD was requested. [RT #16037]
2021. [bug] dnssec-enable no; triggered a REQUIRE. [RT
#16037]
2020. [bug] rdataset_setadditional() could leak memory. [RT
#16034]
2019. [tuning] Reduce the amount of work performed per
quantum
when cleaning the cache. [RT #15986]
2018. [bug] Checking if the HMAC MD5 private file was
broken.
[RT #15960]
2017. [bug] allow-query default was not correct. [RT
#15946]
2016. [bug] Return a partial answer if recursion is not
allowed but requested and we had the answer
to the original qname. [RT #15945]
--- 9.4.0a5 released ---
2015. [cleanup] use-additional-cache is now acache-enable
for
consistancy. Default acache-enable off in BIND 9.4
as it requires memory usage to be configured.
It may be enabled by default in BIND 9.5 once we
have more experience with it.
2014. [func] Statistics about acache now recorded and sent
to log. [RT #15976]
2013. [bug] Handle unexpected TSIGs on unsigned AXFR/IXFR
responses more gracefully. [RT #15941]
2012. [func] Don't insert new acache entries if acache is
full.
[RT #15970]
2011. [func] dnssec-signzone can now update the SOA record
of
the signed zone, either as an increment or as the
system time(). [RT #15633]
--- 9.4.0a4 released ---
2009. [bug] libbind: coverity fixes. [RT #15808]
2008. [func] It is now posssible to enable/disable DNSSEC
validation from rndc. This is useful for the
mobile hosts where the current connection point
breaks DNSSEC (firewall/proxy). [RT #15592]
rndc validation newstate [view]
2007. [func] It is now possible to explicitly enable DNSSEC
validation. default dnssec-validation no; to
be changed to yes in 9.5.0. [RT #15674]
2006. [security] Allow-query-cache and allow-recursion now
default
to the builtin acls "localnets" and
"localhost".
This is being done to make caching servers less
attractive as reflective amplifying targets for
spoofed traffic. This still leave authoritative
servers exposed.
The best fix is for full BCP 38 deployment to
remove spoofed traffic.
2005. [bug] libbind: Retransmission timeouts should be
based on which attempt it is to the nameserver
and not the nameserver itself. [RT #13548]
2004. [bug] dns_tsig_sign() could pass a NULL pointer to
dst_context_destroy() when cleaning up after a
error. [RT #15835]
2003. [bug] libbind: The DNS name/address lookup functions
could
occasionally follow a random pointer due to
structures not being completely zeroed. [RT #15806]
2002. [bug] libbind: tighten the constraints on when
struct addrinfo._ai_pad exists. [RT #15783]
2001. [func] Check the KSK flag when updating a secure
dynamic zone.
New zone option "update-check-ksk yes;". [RT
#15817]
2000. [bug] memmove()/strtol() fix was incomplete. [RT
#15812]
1999. [func] Implement "rrset-order fixed". [RT
#13662]
1998. [bug] Restrict handling of fifos as sockets to just
SunOS.
This allows named to connect to entropy gathering
daemons that use fifos instead of sockets. [RT #15840]
1997. [bug] Named was failing to replace negative cache
entries
when a positive one for the type was learnt.
[RT #15818]
1996. [bug] nsupdate: if a zone has been specified it
should
appear in the output of 'show'. [RT #15797]
1995. [bug] 'host' was reporting multiple "is an
alias" messages.
[RT #15702]
1994. [port] OpenSSL 0.9.8 support. [RT #15694]
1993. [bug] Log messsage, via syslog, were missing the
space
after the timestamp if "print-time yes" was
specified.
[RT #15844]
1992. [bug] Not all incoming zone transfer messages
included the
view. [RT #15825]
1991. [cleanup] The configuration data, once read, should be
treated
as readonly. Expand the use of const to enforce this
at compile time. [RT #15813]
1990. [bug] libbind: isc's override of broken
gettimeofday()
implementions was not always effective.
[RT #15709]
1989. [bug] win32: don't check the service password when
re-installing. [RT #15882]
1988. [bug] Remove a bus error from the SHA256/SHA512
support.
[RT #15878]
1987. [func] DS/DLV SHA256 digest algorithm support. [RT
#15608]
1986. [func] Report when a zone is removed. [RT #15849]
1985. [protocol] DLV has now been assigned a official type
code of
32769. [RT #15807]
Note: care should be taken to ensure you upgrade
both named and dnssec-signzone at the same time for
zones with DLV records where named is the master
server for the zone. Also any zones that contain
DLV records should be removed when upgrading a slave
zone. You do not however have to upgrade all
servers for a zone with DLV records simultaniously.
1984. [func] dig, nslookup and host now advertise a 4096
byte
EDNS UDP buffer size by default. [RT #15855]
1983. [func] Two new update policies.
"selfsub" and "selfwild".
[RT #12895]
1982. [bug] DNSKEY was being accepted on the parent side of
a delegation. KEY is still accepted there for
RFC 3007 validated updates. [RT #15620]
1981. [bug] win32: condition.c:wait() could fail to
reattain
the mutex lock.
1980. [func] dnssec-signzone: output the SOA record as the
first record in the signed zone. [RT #15758]
1979. [port] linux: allow named to drop core after changing
user ids. [RT #15753]
1978. [port] Handle systems which have a broken recvmsg().
[RT #15742]
1977. [bug] Silence noisy log message. [RT #15704]
1976. [bug] Handle systems with no IPv4 addresses. [RT
#15695]
1975. [bug] libbind: isc_gethexstring() could misparse
multi-line
hex strings with comments. [RT #15814]
1974. [doc] List each of the zone types and associated zone
options seperately in the ARM.
1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256,
HMACSHA384 and
HMACSHA512 support. [RT #13606]
1972. [contrib] DBUS dynamic forwarders integation from
Jason Vas Dias <jvdiasredhat.com>.
1971. [port] linux: make detection of missing IF_NAMESIZE
more
robust. [RT #15443]
1970. [bug] nsupdate: adjust UDP timeout when falling back
to
unsigned SOA query. [RT #15775]
1969. [bug] win32: the socket code was freeing the socket
structure too early. [RT #15776]
1968. [bug] Missing lock in resolver.c:validated(). [RT
#15739]
1967. [func] dig/nslookup/host: warn about missing
"QR". [RT #15779]
1966. [bug] Don't set CD when we have fallen back to plain
DNS.
[RT #15727]
1965. [func] Suppress spurious "recusion requested
but not
available" warning with 'dig +qr'. [RT #15780].
1964. [func] Seperate out MX and SRV to CNAME checks. [RT
#15723]
1963. [port] Tru64 4.0E doesn't support send() and recv().
[RT #15586]
1962. [bug] Named failed to clear old update-policy when it
was removed. [RT #15491]
1961. [bug] Check the port and address of responses
forwarded
to dispatch. [RT #15474]
1960. [bug] Update code should set NSEC ttls from SOA
MINIMUM.
[RT #15465]
1959. [func] Control the zeroing of the negative response
TTL to
a soa query. Defaults "zero-no-soa-ttl yes;"
and
"zero-no-soa-ttl-cache no;". [RT #15460]
1958. [bug] Named failed to update the zone's secure state
until the zone was reloaded. [RT #15412]
1957. [bug] Dig mishandled responses to class ANY queries.
[RT #15402]
1956. [bug] Improve cross compile support, 'gen' is now
built
by native compiler. See README for additional
cross compile support information. [RT #15148]
1955. [bug] Pre-allocate the cache cleaning interator. [RT
#14998]
1954. [func] Named now falls back to advertising EDNS with
a
512 byte receive buffer if the initial EDNS queries
fail. [RT #14852]
1953. [func] The maximum EDNS UDP response named will send
can
now be set in named.conf (max-udp-size). This is
independent of the advertised receive buffer
(edns-udp-size). [RT #14852]
1952. [port] hpux: tell the linker to build a runtime link
path "-Wl,+b:". [RT #14816].
1951. [security] Drop queries from particular well known
ports.
Don't return FORMERR to queries from particular
well known ports. [RT #15636]
1950. [port] Solaris 2.5.1 and earlier cannot bind() then
connect()
a TCP socket. This prevents the source address being
set for TCP connections. [RT #15628]
1949. [func] Addition memory leakage checks. [RT #15544]
1948. [bug] If was possible to trigger a REQUIRE failure in
xfrin.c:maybe_free() if named ran out of memory.
[RT #15568]
1947. [func] It is now possible to configure named to
accept
expired RRSIGs. Default "dnssec-accept-expired
no;".
Setting "dnssec-accept-expired yes;" leaves
named
vulnerable to replay attacks. [RT #14685]
1946. [bug] resume_dslookup() could trigger a REQUIRE
failure
when using forwarders. [RT #15549]
1945. [cleanup] dnssec-keygen: RSA (RSAMD5) is nolonger
recommended.
To generate a RSAMD5 key you must explicitly request
RSAMD5. [RT #13780]
1944. [cleanup] isc_hash_create() does not need a read/write
lock.
[RT #15522]
1943. [bug] Set the loadtime after rolling forward the
journal.
[RT #15647]
1597. [func] Allow notify-source and query-source to be
specified
on a per server basis similar to transfer-source.
[RT #6496]
--- 9.4.0a3 released ---
1942. [bug] If the name of a DNSKEY match that of one in
trusted-keys do not attempt to validate the DNSKEY
using the parents DS RRset. [RT #15649]
1941. [bug] ncache_adderesult() should set eresult even if
no
rdataset is passed to it. [RT #15642]
1940. [bug] Fixed a number of error conditions reported by
Coverity.
1939. [bug] The resolver could dereference a null pointer
after
validation if all the queries have timed out.
[RT #15528]
1938. [bug] The validator was not correctly handling
unsecure
negative responses at or below a SEP. [RT #15528]
1937. [bug] sdlz doesn't handle RRSIG records. [RT #15564]
1936. [bug] The validator could leak memory. [RT #15544]
1935. [bug] 'acache' was DO sensitive. [RT #15430]
1934. [func] Validate pending NS RRsets, in the authority
section,
prior to returning them if it can be done without
requiring DNSKEYs to be fetched. [RT #15430]
1919. [contrib] queryperf: a set of new features:
collecting/printing
response delays, printing intermediate results, and
adjusting query rate for the "target" qps.
--- 9.4.0a2 released ---
1933. [bug] dump_rdataset_raw() had a incorrect INSIST. [RT
#15534]
1932. [bug] hpux: LDFLAGS was getting corrupted. [RT
#15530]
1931. [bug] Per-client mctx could require a huge amount of
memory,
particularly for a busy caching server. [RT #15519]
1930. [port] HPUX: ia64 support. [RT #15473]
1929. [port] FreeBSD: extend use of PTHREAD_SCOPE_SYSTEM.
1928. [bug] Race in rbtdb.c:currentversion(). [RT #15517]
1927. [bug] Access to soanode or nsnode in rbtdb violated
the
lock order rule and could cause a dead lock.
[RT# 15518]
1926. [bug] The Windows installer did not check for empty
passwords. BINDinstall was being installed in
the wrong place. [RT #15483]
1925. [port] All outer level AC_TRY_RUNs need cross
compiling
defaults. [RT #15469]
1924. [port] libbind: hpux ia64 support. [RT #15473]
1923. [bug] ns_client_detach() called too early. [RT
#15499]
1922. [bug] check-tool.c:setup_logging() missing call to
dns_log_setcontext().
1921. [bug] Client memory contexts were not using internal
malloc. [RT# 15434]
1920. [bug] The cache rbtdb lock array was too small to
have the desired performance characteristics.
[RT #15454]
--- 9.4.0a1 released ---
|