- Update to bind release 9.18.8
New Features:
* Support for parsing and validating the dohpath service
parameter in SVCB records was added.
* named now logs the supported cryptographic algorithms during
startup and in the output of named -V.
* The recursion not available and query (cache) '...' denied log
messages were extended to include the name of the ACL that
caused a given query to be denied.
Bug Fixes:
* An assertion failure was fixed in named that was caused by
aborting the statistics channel connection while sending
statistics data to the client.
* Changing just the TSIG key names for primaries in catalog
zones’ member zones was not effective. This has been fixed.
Known Issues:
* Upgrading from BIND 9.16.32, 9.18.6, or any older version may
require a manual configuration change. The following
configurations are affected:
- type primary zones configured with dnssec-policy but without
either allow-update or update-policy,
- type secondary zones configured with dnssec-policy.
In these cases please add inline-signing yes; to the individual
zone configuration(s). Without applying this change, named will
fail to start. For more details, see
https://kb.isc.org/docs/dnssec-policy-requires-dynamic-dns-or-inline-signing
* BIND 9.18 does not support dynamic update forwarding (see
allow-update-forwarding) in conjuction with zone transfers over
TLS (XoT).
This obsoletes the following patch:
* fix_documentation-Sphinx.patch
OBS-URL: https://build.opensuse.org/request/show/1034274
OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=362
Jorik Cronenberg
8eb032c2d5