[Bug 283308] dns/nsd: Update to 4.11.0

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 283308] dns/nsd: Update to 4.11.0"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 283308] dns/nsd: Update to 4.11.0"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 13 Dec 2024 13:08:42 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283308

            Bug ID: 283308
           Summary: dns/nsd: Update to 4.11.0
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://www.nlnetlabs.nl/news/2024/Dec/12/nsd-4.11.0-r
                    eleased/
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: jaap@NLnetLabs.nl
 Attachment #255837 maintainer-approval+
             Flags:

Created attachment 255837
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=255837&action=edit
Patch to upgrade

Fixes alo bug #281266


One notable feature is that configuration can be reloaded and evaluated
on SIGHUP, when enabled with the new "reload-config" option. Also, DNS
cookie secrets will be reevaluated from config too.

One notable bugfix is to process and apply non transfer tasks before
transfer tasks during reloads. Before, non transfer tasks (such as
adding or deleting zones) would be lost when batched together with a
transfer task that would fail to apply.

nsd 4.11.0
==========
FEATURES:
   - Support reloading configuration on SIGHUP.
   - Fix #383: log timestamps in ISO8601 format with timezone.
     This adds the option `log-time-iso: yes` that logs in ISO8601
     format.
   - Updated cookie secrets management.
     The default cookie secret file location can be set at compile time
     with the --with-cookiesecretsfile=path option to configure. The
     default location is changed to {dbdir}/cookiesecrets.txt. The
     previous default location will be checked at startup when there is
     no cookie secrets file at the new default location.
     A staging cookie can now also be configured in the configuration
     file and secrets configured in the configuration file now take
     precedence over those read from file.
     All DNS related setting in the configuration file will be
     reevaluated and effectuated after nsd-control reconfig.
   - Merge #398: RFC 9660 The DNS Zone Version (ZONEVERSION) Option
   - Merge #406: ohttp and tls-supported-groups SvcParam suppor
   - Merge #408: NINFO, RKEY, RESINFO, WALLET, CLA and TA RR types
   - Merge #409: Writing of NSAP-PTR, GPOS and HIP RR types
   - Merge #407: Better balanced verbosity levels for logging.

BUG FIXES:
   - Fix title underline and declaration after statement warnings.
   - Add cross platform freebsd, openbsd and netbsd to github ci.
   - Update simdzone to include fix for netbsd double bswap declarations,
     and also semantic checks for DS and ZONEMD. And CFLAGS has -march
     prepended to fix detection.
   - Merge #376: Point the user towards tcpdump for logging individual
     queries.
   - Track $INCLUDEs in zone files.
   - Fix ci to update macos-12 to the macos-15 runner image.
   - Merge #390: Apply non-xfr tasks before xfr tasks.
     This fixes an issue where non-xfr tasks are lost when they are
     batch processed together with non-xfr tasks.
     This merge also changes that notifies are passed on from the serve
     processes to the xfrd directly instead of via main. This was
     necessary to allow applying the non-xfr tasks without forking a
     backup-main for the sole purpose of forwarding notifies.
   - Merge #391: Update copyright lines (in version output).
   - Fix #392: Inconsistent documentation about control-interface.
   - Merge #395: Explain the zonefile example better.
   - Merge #394: Fix the path to use doc/manual/.
   - Fix analyzer issue in do_print_cookie_secrets to check for failure.
   - Merge #404: Introducing Sphinx substitution in code blocks.
     As well as other fixes with Sphinx build.
   - Update Copyright lines in help output
   - Merge #395: Explain zonefile example better
   - Merge #394: Fix doc path (fixes "Edit on GitHub" button in the docs)
   - Fix Makefile for parallel build failure around bison rule.
   - Fix #405: Fix typo in documentation.
   - Treat a mismatch in RRset TTLs as a warning.

simdzone 0.2.0
==============
FEATURES:

   - Add semantic checks for DS and ZONEMD digests (NLnetLabs/nsd#205).
   - Support registering a callback for $INCLUDE entries
     (NLnetLabs/nsd#229).
   - Add tls-supported-groups SvcParam support.
   - Check iana registries for unimplemented (new) RR types and
     SvcParamKeys.
   - Add support for NINFO, RKEY, RESINFO, WALLET, CLA and TA RR types.

BUG FIXES:
   - Prepend -march to CFLAGS to fix architecture detection
     (NLnetLabs/nsd#372).
   - Fix propagation of implicit TTLs (NLnetLabs/nsd#375).
   - Fix detection of Westmere architecture by checking for CLMUL too.
   - Fix compilation on NetBSD (#233).
   - Fix reading specialized symbolic links (NLnetLabs/nsd#380).

-- 
You are receiving this mail because:
You are the assignee for the bug.