追っかけ

bind

人気の記事:

コメント

  1. mikiT より:

    BIND 8.4.5 Release Candidate 1 (8.4.5-RC1)

    BIND 8.4.5-RC1 is a maintenance release candidate of BIND 8.4.

    Highlights.

    Maintenance Release.

    nsupdate: The use of a blank line to cause a update request

    to be sent is deprecated. Use “send” instead.

  2. mikiT より:

    BIND 9.2.4rc2 is now available.

    BIND 9.2.4rc2 is a maintenance release candidate for BIND 9.2.

  3. mikiT より:

    BIND 9.3.0beta2 is now available.

    BIND 9.3.0beta2 is a beta release candidate for BIND 9.3.

    BIND 9.3.0 has a number of new features over 9.2,

    including:

    DNSSEC is now DS based.

    See doc/draft/draft-ietf-dnsext-dnssec-*

    DNSSEC lookaside validation (experimental).

    check-names is now implemented.

    rrset-order in more complete.

    IPv4/IPv6 transition support, dual-stack-servers.

    IXFR deltas can now be generated when loading master files,

    ixfr-from-differences.

    It is now possible to specify the size of a journal, max-journal-size.

    It is now possible to define a named set of master servers to be

    used in masters clause, masters.

    The advertised EDNS UDP size can now be set, edns-udp-size.

    allow-v6-synthesis has been obsoleted.

    NOTE:

    * Zones containing MD and MF will now be rejected.

    * dig, nslookup name. now report “Not Implemented” as

    NOTIMP rather than NOTIMPL. This will have impact on scripts

    that are looking for NOTIMPL.

    libbind: corresponds to that from BIND 8.4.5.

    KNOWN ISSUES:

    Fencepost errors in dns_name_ishostname() and dns_name_ismailbox()

    could trigger a INSIST(). Apply patch1 to address this issue.

    When specifying check-names at the view/options level you

    need to specify all of master, slave and response. This

    will be fixed in the next beta.

    Builds will fail on machines w/o if_nametoindex(). Missing

    #ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX/#endif.

  4. mikiT より:

    というわけで、9.2.3 以来沈黙を守っていた bind ですが、久々に動きがありました。

    9.2.4 の highlight が出てないけど、そいうもんなのかな。

  5. mikiT より:

    BIND 9.3.0beta3 is now available.

    BIND 9.2.4rc3 is now available.

    約10日で次が出ました。

    良いペースですね。

    今月中にはリリースされる..かな?

  6. 9.3.0 beta3入れるかのぉ…

    しかし、cvs coしてとれないのがつまらん(ぉ

  7. mikiT より:

    BIND 9.3.0beta4 is now available

    BIND 9.2.4rc4 is now available.

    . つけ忘れかな?

  8. NetBSD-currentおっかけしてたらbind9になりますた

  9. mikiT より:

    BIND 8.4.5 Release Candidate 3 (8.4.5-RC3)

    もでてた。

    bind9 のバージョンいくつ? >NetBSD-current

  10. koji より:

    8.4.5-RC4, 9.2.4rc5, 9.3.0rc1 が出ましたね。

  11. koji より:

    うーむ。まだリリースにならんか。

    7/6 8.4.5-RC5, 9.2.4rc6, 9.3.0rc2

  12. mikiT より:

    BIND 8.4.5 Release Candidate 6 (8.4.5-RC6)

    BIND 9.2.4rc7 is now available.

    rc7 って…

  13. mikiT より:

    BIND 9.3.0rc3 is now available.

    いつリリースになるかな〜

  14. koji より:

    9/4 8.4.5-RC7 9.2.4rc8 9.3.0rc4

    引っ張るなぁ

  15. gankutsu より:

    出ました。

    BIND 8.4.5

    BIND 9.2.4

    BIND 9.3.0

    家に帰ったら触ってみようかな。

  16. mikiT より:

    BIND 8.4.6-REL is a security release of BIND 8.4.

    It is possible to remotely trigger a overrun causing a

    denial of service. If you are running BIND 8.4.4 or

    BIND 8.4.5 you should upgrade.

    BIND 9.3.1beta2 is a beta maintenance release for BIND 9.3.

    BIND 9.2.5beta2 is a beta maintenance release for BIND 9.2.

    8.4.6 はセキュリティ問題によるリリースだそうです。

  17. koji より:

    8.4.4 or 8.4.5 を recursive で使ってる場合は、8.4.6 に上げたほうがいいですね。

    9.3.0にもセキュリティホールがあるみたいだけど、DNSSECを使っていなければ問題ないみたい。

  18. mikiT より:

    BIND 9.2.5rc1 is now available.

    1812. [port] win32: IN6_IS_ADDR_UNSPECIFIED macro is incorrect. [RT #13453]

    1808. [bug] zone.c:notify_zone() contained a race condition, zone->db could change underneath it. [RT #13511]

    BIND 9.3.1rc1 is now available.

    1812. [port] win32: IN6_IS_ADDR_UNSPECIFIED macro is incorrect. [RT #13453]

    1808. [bug] zone.c:notify_zone() contained a race condition, zone->db could change underneath it. [RT #13511]

    1806. [bug] The resolver returned the wrong result when a CNAME / DNAME was encountered when fetching glue from a secure namespace. [RT #13501]

    1805. [bug] Pending status was not being cleared when DLV was active. [RT #13501]

  19. mikiT より:

    BIND 9.2.5 is now available.

    9.2.5rc1 がそのままリリースされたようです。

    BIND 9.3.1 is now available.

    1818. [bug] ‘named-checkconf -z’ triggered an INSIST. [RT #13599]

  20. mikiT より:

    9.2.6 beta 1、9.3.2 beta 1、8.4.7 beta 1 がリリースされました。

    9系の changlog は長過ぎるので割愛。

    DNSSECまわり、メモリリークがいくつか、ドキュメントの整理、dig のバグフィクス、が目についたかな。

    8.4.7 beta 1 は、8.4.7-T1B そのままのようです。

  21. mikiT より:

    10/26 に

    8.4.7beta2、9.2.6beta2、9.3.2beta2 が出てました。

    — 8.4.7-T2B released — (Mon Oct 10 16:56:51 PDT 2005)

    1720. [port] src/bin/nslookup/commands.c, src/bin/named/ns_parser.c and src/bin/named/ns_parser.h are no longer pre-built as part of building the source tarball.

    If you still need them then they are available as:

    src/bin/nslookup/commands.c.dist

    src/bin/named/ns_parser.c.dist

    src/bin/named/ns_parser.h.dist

    1719. [port] HPUX-IA64 support.

    — 9.2.6b2 released —

    1930. [port] HPUX: ia64 support. [RT #15473]

    1929. [port] FreeBSD: extend use of PTHREAD_SCOPE_SYSTEM.

    1926. [bug] BINDinstall was being installed in the wrong place. [RT #15483]

    1925. [port] All outer level AC_TRY_RUNs need cross compiling defaults. [RT #15469]

    1924. [port] libbind: hpux ia64 support. [RT #15473]

    1923. [bug] ns_client_detach() called too early. [RT #15499]

    — 9.3.2b2 released —

    1930. [port] HPUX: ia64 support. [RT #15473]

    1929. [port] FreeBSD: extend use of PTHREAD_SCOPE_SYSTEM.

    1926. [bug] The Windows installer did not check for empty passwords. BINDinstall was being installed in the wrong place. [RT #15483]

    1925. [port] All outer level AC_TRY_RUNs need cross compiling defaults. [RT #15469]

    1924. [port] libbind: hpux ia64 support. [RT #15473]

    1923. [bug] ns_client_detach() called too early. [RT #15499]

  22. mikiT より:

    12/2 に

    8.4.7rc1、9.2.6rc1、9.3.2rc が出てます。

    — 8.4.7-RC1 released — (Tue Nov 29 14:11:39 PST 2005)

    1722. [bug] named was leaking a internal rcode.

    1721. [bug] Change #1718 was incomplete. Missing error return on out of memory.

    — 9.2.6rc1 released —

    1932. [bug] hpux: LDFLAGS was getting corrupted. [RT #15530]

    — 9.3.2rc1 released —

    1936. [bug] The validator could leak memory. [RT #15544]

    1932. [bug] hpux: LDFLAGS was getting corrupted. [RT #15530]

  23. mikiT より:

    8.4.7, 9.2.6, 9.3.2 が出てます。

    8.4.7, 9.3.2 は RC1 から変更なし

    9.2.6 の changelog は以下の通り。

    — 9.2.6rc1 released —

    1932. [bug] hpux: LDFLAGS was getting corrupted. [RT #15530]

  24. mikiT より:

    BIND 9.4.0a5 is now available.

    ということで、9.4 のαリリースが出ました。

    ざっと見ましたが、新しい機能が山盛りですねぇ。

    ゾーンファイルの読み込み高速化のため、named-compilezone という外部コマンドでゾーンファイルを「新しいフォーマット」にして、named に読み込ませることができるようになりました。

    これは嬉しいなぁ。

    clients-per-query max-clients-per-query で client 毎に query を制限できるようになりました。DDoS の対策でしょうか。

    rndc コマンドで個別に notify を送れるようになりました。

    allow-update が view/option レベルで設定できるようになったのは、大規模サイトでは嬉しいかもしれません。

    Report when a zone is removed. というのも細かいけど運用者としては嬉しい。

    Don’t send notify messages to self. って、今まで送ってたのか!?

    原文はこちら

    http://marc.theaimsgroup.com/?l=bind-announce&m=114712092323799&w=2

  25. mikiT より:

    BIND 9.4.0a6 is now available.

    a5 が出て約一ヶ月ですか。

    — 9.4.0a6 released —

    2032. [bug] Remove a INSIST in query_addadditional2(). [RT #16074]

    2031. [bug] Emit a error message when “rndc refresh” is called on a non slave/stub zone. [RT # 16073]

    2030. [bug] We were being overly conservative when disabling openssl engine support. [RT #16030]

    2029. [bug] host printed out the server multiple times when specified on the command line. [RT #15992]

    2028. [port] linux: socket.c compatability for old systems. [RT #16015]

    2027. [port] libbind: Solaris x86 support. [RT #16020]

    2026. [bug] Rate limit the two recursive client exceeded messages. [RT #16044]

    2025. [func] Update “zone serial unchanged” message. [RT #16026]

    2024. [bug] named emited spurious “zone serial unchanged” messages on reload. [RT #16027]

    2023. [bug] “make install” should create ${localstatedir}/run and ${sysconfdir} if they do not exist. [RT #16033]

    2022. [bug] If dnssec validation is disabled only assert CD if CD was requested. [RT #16037]

    2021. [bug] dnssec-enable no; triggered a REQUIRE. [RT #16037]

    2020. [bug] rdataset_setadditional() could leak memory. [RT #16034]

    2019. [tuning] Reduce the amount of work performed per quantum when cleaning the cache. [RT #15986]

    2018. [bug] Checking if the HMAC MD5 private file was broken. [RT #15960]

    2017. [bug] allow-query default was not correct. [RT #15946]

    2016. [bug] Return a partial answer if recursion is not allowed but requested and we had the answer to the original qname. [RT #15945]

  26. mikiT より:

    BIND 9.3.3b1 is now available.

    ということで、9.3.3 の b1 が出てます。

    changelog なんか大量なんですけど。

    [bug] となっていますが、細かく機能追加もされているようです。

    [security] の文字も見えますね。

    2031. [bug] Emit a error message when “rndc refresh” is called on a non slave/stub zone. [RT # 16073]

    2030. [bug] We were being overly conservative when disabling openssl engine support. [RT #16030]

    2029. [bug] host printed out the server multiple times when specified on the command line. [RT #15992]

    2028. [port] linux: socket.c compatability for old systems. [RT #16015]

    2027. [port] libbind: Solaris x86 support. [RT #16020]

    2026. [bug] Rate limit the two recursive client exceeded messages. [RT #16044]

    2024. [bug] named emited spurious “zone serial unchanged” messages on reload. [RT #16027]

    2023. [bug] “make install” should create ${localstatedir}/run and ${sysconfdir} if they do not exist. [RT #16033]

    2016. [bug] Return a partial answer if recursion is not allowed but requested and we had the answer to the original qname. [RT #15945]

    2013. [bug] Handle unexpected TSIGs on unsigned AXFR/IXFR responses more gracefully. [RT #15941]

    2009. [bug] libbind: coverity fixes. [RT #15808]

    2005. [bug] libbind: Retransmission timeouts should be based on which attempt it is to the nameserver and not the nameserver itself. [RT #13548]

    2004. [bug] dns_tsig_sign() could pass a NULL pointer to dst_context_destroy() when cleaning up after a error. [RT #15835]

    2003. [bug] libbind: The DNS name/address lookup functions could occasionally follow a random pointer due to structures not being completely zeroed. [RT #15806]

    2002. [bug] libbind: tighten the constraints on when struct addrinfo._ai_pad exists. [RT #15783]

    2000. [bug] memmove()/strtol() fix was incomplete. [RT #15812]

    1998. [bug] Restrict handling of fifos as sockets to just SunOS. This allows named to connect to entropy gathering daemons that use fifos instead of sockets. [RT #15840]

    1997. [bug] Named was failing to replace negative cache entries when a positive one for the type was learnt. [RT #15818]

    1995. [bug] ‘host’ was reporting multiple “is an alias” messages. [RT #15702]

    1994. [port] OpenSSL 0.9.8 support. [RT #15694]

    1993. [bug] Log messsage, via syslog, were missing the space after the timestamp if “print-time yes” was specified. [RT #15844]

    1991. [cleanup] The configuration data, once read, should be treated as readonly. Expand the use of const to enforce this at compile time. [RT #15813]

    1990. [bug] libbind: isc’s override of broken gettimeofday() implementions was not always effective. [RT #15709]

    1989. [bug] win32: don’t check the service password when re-installing. [RT #15882]

    1985. [protocol] DLV has now been assigned a official type code of 32769. [RT #15807]

    Note: care should be taken to ensure you upgrade both named and dnssec-signzone at the same time for zones with DLV records where named is the master server for the zone. Also any zones that contain DLV records should be removed when upgrading a slave zone. You do not however have to upgrade all servers for a zone with DLV records simultaniously.

    1982. [bug] DNSKEY was being accepted on the parent side of a delegation. KEY is still accepted there for RFC 3007 validated updates. [RT #15620]

    1981. [bug] win32: condition.c:wait() could fail to reattain the mutex lock.

    1979. [port] linux: allow named to drop core after changing user ids. [RT #15753]

    1978. [port] Handle systems which have a broken recvmsg(). [RT #15742]

    1977. [bug] Silence noisy log message. [RT #15704]

    1976. [bug] Handle systems with no IPv4 addresses. [RT #15695]

    1975. [bug] libbind: isc_gethexstring() could misparse multi-line hex strings with comments. [RT #15814]

    1974. [doc] List each of the zone types and associated zone options seperately in the ARM.

    1972. [contrib] DBUS dynamic forwarders integation from Jason Vas Dias <jvdias@redhat.com>.

    1971. [port] linux: make detection of missing IF_NAMESIZE more robust. [RT #15443]

    1970. [bug] nsupdate: adjust UDP timeout when falling back to unsigned SOA query. [RT #15775]

    1969. [bug] win32: the socket code was freeing the socket structure too early. [RT #15776]

    1968. [bug] Missing lock in resolver.c:validated(). [RT #15739]

    1966. [bug] Don’t set CD when we have fallen back to plain DNS. [RT #15727]

    1963. [port] Tru64 4.0E doesn’t support send() and recv(). [RT #15586]

    1962. [bug] Named failed to clear old update-policy when it was removed. [RT #15491]

    1961. [bug] Check the port and address of responses forwarded to dispatch. [RT #15474]

    1960. [bug] Update code should set NSEC ttls from SOA MINIMUM. [RT #15465]

    1958. [bug] Named failed to update the zone’s secure state until the zone was reloaded. [RT #15412]

    1957. [bug] Dig mishandled responses to class ANY queries. [RT #15402]

    1956. [bug] Improve cross compile support, ‘gen’ is now built by native compiler. See README for additional cross compile support information. [RT #15148]

    1955. [bug] Pre-allocate the cache cleaning interator. [RT #14998]

    1952. [port] hpux: tell the linker to build a runtime link path “-Wl,+b:”. [RT #14816].

    1951. [security] Drop queries from particular well known ports. Don’t return FORMERR to queries from particular well known ports. [RT #15636]

    1950. [port] Solaris 2.5.1 and earlier cannot bind() then connect() a TCP socket. This prevents the source address being set for TCP connections. [RT #15628]

    1948. [bug] If was possible to trigger a REQUIRE failure in xfrin.c:maybe_free() if named ran out of memory. [RT #15568]

    1946. [bug] resume_dslookup() could trigger a REQUIRE failure when using forwarders. [RT #15549]

    1944. [cleanup] isc_hash_create() does not need a read/write lock. [RT #15522]

    1943. [bug] Set the loadtime after rolling forward the journal. [RT #15647]

    1942. [bug] If the name of a DNSKEY match that of one in trusted-keys do not attempt to validate the DNSKEY using the parents DS RRset. [RT #15649]

    1941. [bug] ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642]

    1940. [bug] Fixed a number of error conditions reported by Coverity.

    1939. [bug] The resolver could dereference a null pointer after validation if all the queries have timed out. [RT #15528]

    1938. [bug] The validator was not correctly handling unsecure negative responses at or below a SEP. [RT #15528]

    1919. [contrib] queryperf: a set of new features: collecting/printing response delays, printing intermediate results, and adjusting query rate for the “target” qps.

  27. mikiT より:

    BIND 9.2.7 Beta 1 is now available.

    というわけで出てます。

    ほとんどが 9.3.3b1 で行われた変更ですね。

    2030. [bug] We were being overly conservative when disabling openssl engine support. [RT #16030]

    2028. [port] linux: socket.c compatability for old systems. [RT #16015]

    2027. [port] libbind: Solaris x86 support. [RT #16020]

    2026. [bug] Rate limit the recursive client exceeded message. [RT #16044]

    2024. [bug] named emited spurious “zone serial unchanged” messages on reload. [RT #16027]

    2023. [bug] “make install” should create ${localstatedir}/run and ${sysconfdir} if they do not exist. [RT #16033]

    2016. [bug] Return a partial answer if recursion is not allowed but requested and we had the answer to the original qname. [RT #15945]

    2013. [bug] Handle unexpected TSIGs on unsigned AXFR/IXFR responses more gracefully. [RT #15941]

    2009. [bug] libbind: coverity fixes. [RT #15808]

    2005. [bug] libbind: Retransmission timeouts should be based on which attempt it is to the nameserver and not the nameserver itself. [RT #13548]

    2004. [bug] dns_tsig_sign() could pass a NULL pointer to dst_context_destroy() when cleaning up after a error. [RT #15835]

    2003. [bug] libbind: The DNS name/address lookup functions could occasionally follow a random pointer due to structures not being completely zeroed. [RT #15806]

    2002. [bug] libbind: tighten the constraints on when struct addrinfo._ai_pad exists. [RT #15783]

    1997. [bug] Named was failing to replace negative cache entries when a positive one for the type was learnt. [RT #15818]

    1994. [port] OpenSSL 0.9.8 support. [RT #15694]

    1991. [cleanup] The configuration data, once read, should be treated as readonly. Expand the use of const to enforce this at compile time. [RT #15813]

    1990. [bug] libbind: isc’s override of broken gettimeofday() implementions was not always effective. [RT #15709]

    1981. [bug] win32: condition.c:wait() could fail to reattain the mutex lock.

    1979. [port] linux: allow named to drop core after changing user ids. [RT #15753]

    1978. [port] Handle systems which have a broken recvmsg(). [RT #15742]

    1977. [bug] Silence noisy log message. [RT #15704]

    1976. [bug] Handle systems with no IPv4 addresses. [RT #15695]

    1975. [bug] libbind: isc_gethexstring() could misparse multi-line hex strings with comments. [RT #15814]

    1974. [doc] List each of the zone types and associated zone options seperately in the ARM.

    1972. [contrib] DBUS dynamic forwarders integation from Jason Vas Dias <jvdias@redhat.com>.

    1971. [port] linux: make detection of missing IF_NAMESIZE more robust. [RT #15443]

    1969. [bug] win32: the socket code was freeing the socket structure too early. [RT #15776]

    1966. [bug] Don’t set CD when we have fallen back to plain DNS. [RT #15727]

    1962. [bug] Named failed to clear old update-policy when it was removed. [RT #15491]

    1961. [bug] Check the port and address of responses forwarded to dispatch. [RT #15474]

    1960. [bug] Update code should set NXT ttls from SOA MINIMUM. [RT #15465]

    1958. [bug] Named failed to update the zone’s secure state until the zone was reloaded. [RT #15412]

    1957. [bug] Dig mishandled responses to class ANY queries. [RT #15402]

    1956. [bug] Improve cross compile support, ‘gen’ is now built by native compiler. See README for additional cross compile support information. [RT #15148]

    1955. [bug] Pre-allocate the cache cleaning interator. [RT #14998]

    1952. [port] hpux: tell the linker to build a runtime link path “-Wl,+b:”. [RT #14816].

    1951. [security] Drop queries from particular well known ports. Don’t return FORMERR to queries from particular well known ports. [RT #15636]

    1950. [port] Solaris 2.5.1 and earlier cannot bind() then connect() a TCP socket. This prevents the source address being set for TCP connections. [RT #15628]

    1948. [bug] If was possible to trigger a REQUIRE failure in xfrin.c:maybe_free() if named ran out of memory. [RT #15568]

    1944. [cleanup] isc_hash_create() does not need a read/write lock. [RT #15522]

    1943. [bug] Set the loadtime after rolling forward the journal. [RT #15647]

    1940. [bug] Fixed a number of error conditions reported by Coverity.

  28. silencejoker より:

    ども。はじめまして!!!

    bind関係で調べていてここまでたどりつきました!