BIND 9.6-ESV-R2 is now available.
BIND 9.6-ESV-R2 is revision 1 of the extended release version
for BIND 9.6.
BIND 9.6-ESV-R2 can be downloaded from
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/bind-9.6-ESV-R2.tar.gz
The PGP signature of the distribution is at
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/bind-9.6-ESV-R2.tar.gz.asc
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/bind-9.6-ESV-R2.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/bind-9.6-ESV-R2.tar.gz.sha512.asc
The signature was generated with the ISC public key, which is
available at <https://www.isc.org/about/openpgp>.
A binary kit for Windows XP and Window 2003 is at
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.zip
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.debug.zip
The PGP signature of the binary kit for Windows XP and Window 2003 is at
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.zip.asc
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.zip.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.4-ESV-R2/BIND9.6-ESV-R2.zip.sha512.asc
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.debug.zip.asc
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.debug.zip.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R2/BIND9.6-ESV-R2.debug.zip.sha512.asc
Changes since 9.6-ESV.
--- 9.6-ESV-R2 released ---
2939. [func] Check that named successfully skips NSEC3 records
that fail to match the NSEC3PARAM record currently
in use. [RT# 21868]
2937. [bug] Worked around an apparent race condition in over
memory conditions. Without this fix a DNS cache DB or
ADB could incorrectly stay in an over memory state,
effectively refusing further caching, which
subsequently made a BIND 9 caching server unworkable.
This fix prevents this problem from happening by
polling the state of the memory context, rather than
making a copy of the state, which appeared to cause
a race. This is a "workaround" in that it doesn't
solve the possible race per se, but several experiments
proved this change solves the symptom. Also, the
polling overhead hasn't been reported to be an issue.
This bug should only affect a caching server that
specifies a finite max-cache-size. It's also quite
likely that the bug happens only when enabling threads,
but it's not confirmed yet. [RT #21818]
2925. [bug] Named failed to accept uncachable negative responses
from insecure zones. [RT# 21555]
2921. [bug] The resolver could attempt to destroy a fetch context
too soon. [RT #19878]
2900. [bug] The placeholder negative caching element was not
properly constructed triggering a INSIST in
dns_ncache_towire(). [RT #21346]
2890. [bug] Handle the introduction of new trusted-keys and
DS, DLV RRsets better. [RT #21097]
2869. [bug] Fix arguments to dns_keytable_findnextkeynode() call.
[RT #20877]
--- 9.6-ESV-R1 released ---
2876. [bug] Named could return SERVFAIL for negative responses
from unsigned zones. [RT #21131]
--- 9.6-ESV released ---
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
