87 lines
2.7 KiB
XML
87 lines
2.7 KiB
XML
<!--
|
|
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
-
|
|
- This Source Code Form is subject to the terms of the Mozilla Public
|
|
- License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
-
|
|
- See the COPYRIGHT file distributed with this work for additional
|
|
- information regarding copyright ownership.
|
|
-->
|
|
|
|
<section xml:id="relnotes-9.16.3"><info><title>Notes for BIND 9.16.3</title></info>
|
|
|
|
<section xml:id="relnotes-9.16.3-security"><info><title>Security Fixes</title></info>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
A bug in dnstap initialization could prevent some dnstap data from
|
|
being logged, especially on recursive resolvers. [GL #1795]
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</section>
|
|
|
|
<section xml:id="relnotes-9.16.3-known"><info><title>Known Issues</title></info>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
None.
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</section>
|
|
|
|
<section xml:id="relnotes-9.16.3-changes"><info><title>Feature Changes</title></info>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
None.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
The native PKCS#11 EdDSA implementation has been updated to PKCS#11
|
|
v3.0 and thus made operational again. Contributed by Aaron Thompson.
|
|
[GL !3326]
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
The OpenSSL ECDSA implementation has been updated to support PKCS#11
|
|
via OpenSSL engine (see engine_pkcs11 from libp11 project). [GL #1534]
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
The OpenSSL EdDSA implementation has been updated to support PKCS#11
|
|
via OpenSSL engine. Please note that you need EdDSA capable OpenSSL
|
|
engine and there's only proof-of-concept as of this moment.
|
|
Contributed by Aaron Thompson. [GL #1763]
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</section>
|
|
|
|
<section xml:id="relnotes-9.16.3-bugs"><info><title>Bug Fixes</title></info>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
The default rwlock implementation has been changed back to the native
|
|
BIND 9 rwlock implementation. [GL #1753]
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
When running on a system with Linux capabilities support,
|
|
<command>named</command> drops root privileges very soon after system
|
|
startup. This was causing a spurious log message, <quote>unable to set
|
|
effective uid to 0: Operation not permitted</quote>, which has now been
|
|
silenced. [GL #1042] [GL #1090]
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</section>
|
|
|
|
</section>
|