Commit Message
For details see:
https://downloads.isc.org/isc/bind9/9.20.17/doc/arm/html/notes.html#notes-for-bind-9-20-17
"Notes for BIND 9.20.17
Feature Changes
Reduce the number of outgoing queries.
Reduce the number of outgoing queries when resolving the nameservers
for delegation points. This helps a DNS resolver with a cold cache
resolve client queries with complex delegation chains and redirections.
[GL !11148]
Provide more information when memory allocation fails.
BIND now provides more information about the failure when memory
allocation fails. [GL !11272]
Bug Fixes
Adding NSEC3 opt-out records could leave invalid records in chain.
When creating an NSEC3 opt-out chain, a node in the chain could be
removed too soon. The previous NSEC3 would therefore not be found,
resulting in invalid NSEC3 records being left in the zone. This has
been fixed. [GL #5671]
Fix spurious timeouts while resolving names.
Sometimes, loops in the resolving process (e.g., to resolve or validate
ns1.example.com, we need to resolve ns1.example.com) were not properly
detected, leading to a spurious 10-second delay. This has been fixed,
and such loops are properly detected. [GL #3033] [GL #5578]
Fix bug where zone switches from NSEC3 to NSEC after retransfer.
When a zone was re-transferred but the zone journal on an
inline-signing secondary was out of sync, the zone could fall back to
using NSEC records instead of NSEC3. This has been fixed. [GL #5527]
AMTRELAY type 0 presentation format handling was wrong.
RFC 8777 specifies a placeholder value of . for the gateway field when
the gateway type is 0 (no gateway). This was not being checked for, nor
was it emitted when displaying the record. This has been corrected.
Instances of this record will need the placeholder period added to them
when upgrading. [GL #5639]
Fix parsing bug in remote-servers with key or TLS.
The remote-servers clause enables the following pattern using a named
server-list:
remote-servers a { 1.2.3.4; ... };
remote-servers b { a key foo; };
However, such a configuration was wrongly rejected, with an unexpected
token 'foo' error. This configuration is now accepted. [GL #5646]
Fix DoT reconfigure/reload bug in the resolver.
If client-side TLS transport was in use (for example, when forwarding
queries to a DoT server), named could terminate unexpectedly when
reconfiguring or reloading. This has been fixed. [GL #5653]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
config/rootfiles/common/bind | 10 +++++-----
lfs/bind | 4 ++--
2 files changed, 7 insertions(+), 7 deletions(-)
@@ -241,18 +241,18 @@ usr/bin/nsupdate
#usr/include/ns/types.h
#usr/include/ns/update.h
#usr/include/ns/xfrout.h
-usr/lib/libdns-9.20.16.so
+usr/lib/libdns-9.20.17.so
#usr/lib/libdns.la
#usr/lib/libdns.so
-usr/lib/libisc-9.20.16.so
+usr/lib/libisc-9.20.17.so
#usr/lib/libisc.la
#usr/lib/libisc.so
-usr/lib/libisccc-9.20.16.so
+usr/lib/libisccc-9.20.17.so
#usr/lib/libisccc.la
#usr/lib/libisccc.so
-usr/lib/libisccfg-9.20.16.so
+usr/lib/libisccfg-9.20.17.so
#usr/lib/libisccfg.la
#usr/lib/libisccfg.so
-usr/lib/libns-9.20.16.so
+usr/lib/libns-9.20.17.so
#usr/lib/libns.la
#usr/lib/libns.so
@@ -25,7 +25,7 @@
include Config
-VER = 9.20.16
+VER = 9.20.17
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 1a083efbd7a95df8c9c05966681be577cb119f1a75292cbf65a31cdf0fc7677a70834be4f8599984635b9ea09a909c1453b489e920e5f27502ab2b496aa278b0
+$(DL_FILE)_BLAKE2 = a3bfb881f3439750ddc1d94da674ed91e6447f101f2c20eb5f4472614b45b5f2af73f197712e18c891e774ed6e95fc811df1e3494c2b863b2544da19790ecf05
install : $(TARGET)