FFE: (mostly) bugfix release 9.11.3
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bind9 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
I'd like to see bind 9.11.3 in bionic. Upstream release notes are at
https:/
While it has several security and other bug fixes, there are some feature changes too:
- named will no longer start or accept reconfiguration if managed-keys or dnssec-validation auto are in use and the managed-keys directory (specified by managed-
- Previously, update-policy local; accepted updates from any source so long as they were signed by the locally-generated session key. This has been further restricted; updates are now only accepted from locally configured addresses. [RT #45492]
- dig +ednsopt now accepts the names for EDNS options in addition to numeric values. For example, an EDNS Client-Subnet option could be sent using dig +ednsopt=ecs:.... Thanks to John Worley of Secure64 for the contribution. [RT #44461]
- Threads in named are now set to human-readable names to assist debugging on operating systems that support that. Threads will have names such as "isc-timer", "isc-sockmgr", "isc-worker0001", and so on. This will affect the reporting of subsidiary thread names in ps and top, but not the main thread. [RT #43234]
- DiG now warns about .local queries which are reserved for Multicast DNS. [RT #44783]
This release also fixes a crash if bind is configured for a freeipa server with ipa-dns-install.
summary: |
- FFE: bugfix release 9.11.3 + FFE: (mostly) bugfix release 9.11.3 |
isc-dhcp and bind-dyndb-ldap would need to be rebuilt after the update landed