BIND 9.6-ESV-R11 Release Notes
| Author: ISC Support Reference Number: AA-01109 Views: 6395 Created: 2014-01-28 21:33 Last Updated: 2014-01-31 00:00
0 Rating/ Voters
BIND 9.6-ESV-R11 is the latest and final production release of BIND 9.6.
BIND 9.6-ESV is an Extended Support Version of BIND. The BIND 9.6-ESV branch has reached its End of Life. There will be no further bug fixes to it of any kind and BIND 9.6-ESV-R11 is our final release version of the 9.6 releases. We recommend that you plan your upgrade to BIND 9.9.5 or higher. BIND 9.9 is our current ESV Extended Support Version and will be supported for three more years.
This document summarizes changes from BIND 9.6-ESV-R10 to BIND 9.6-ESV-R11. Please see the CHANGES file in the source code release for a complete list of all changes.
The latest versions of BIND 9 software can always be found on our web site at http://www.isc.org/downloads/. There you will find additional information about each release, source code, and pre-compiled versions for Microsoft Windows operating systems.
Professional support is provided by DNSco. Information about paid support options is available at http://www.dns-co.com/solutions/. Free support is provided by our user community via a mailing list. Information on all public email lists is available at https://www.isc.org/community/mailing-list/.
- Treat an all zero netmask as invalid when generating the localnets acl to work around a bug on the Windows platform. [CVE-2013-6230] [RT #34687]
- Fix crashes when serving some NSEC3 signed zones. memcpy was incorrectly called with overlapping ranges, resulting in malformed names being generated on some platforms. This could cause INSIST failures. (CVE 2014-0591) [RT #35120]
- Add the ability to specify ndots to "nslookup". [RT #34711]
- Check that EDNS subnet client options are well formed. [RT #34718]
- "named" now preserves the capitalization of names when responding to queries. [RT #34737]
- Use separate rate limiting queues for refresh and notify requests. [RT #30589]
- Adjust when a master server is deemed unreachable to be less aggressive. [RT #27075]
- Create delegations for all "children" of empty zones except "forward first". [RT #34826]
- Changed the name of "isc-config.sh" developers script (for outputting compiler and linker flags) to "bind9-config". [RT #23825]
- Add "dig" option to keep the TCP socket open between successive queries (+[no]keepopen). [RT #34918]
- "named-checkconf -z" now checks zones of type hint as well as master. [RT #35046]
- Update config.guess and config.sub to add support for ppc64le (powerpc 64-bit Little Endian). [RT #35060]
- "named" can now accept integer timestamps in RRSIG records. [RT #35185]
- Fix "host" and "nslookup" so don't need dot after the domain by checking ndots when searching. Only continue searching on NXDOMAIN responses. [RT #34711]
- Handle changes to sig-validity-interval settings better. [RT #34625]
- Fix bug where journal filename string could be set incorrectly, causing garbage in log messages. [RT #34738]
- Address race condition with manual notify requests. [RT #34806]
- Fix Linux compilation issue when libcap-devel is installed. [RT #34838]
- Fix "host" failure if a UDP query timed out. [RT #34870]
- Address bugs in dns_rdata_fromstruct and dns_rdata_tostruct for WKS and ISDN types. [RT #34910]
- Fix cast in lex.c which could see 0xff treated as EOF. This fixes issue with potential bad data in a database used by DLZ or SDB. [RT #34993]
- Fix build issue on newer FreeBSD needing -lhx509 for GSSAPI build. [RT #35001]
- Address read after free in server side of lwres_getrrsetbyname. [RT #29075]
- Fix "nsupdate" memory leak if "realm" was used multiple times. [RT #35073]
- Fix "dig" for cleaning up TCP sockets still waiting on connect(). [RT #35074]
- Fix crashes in RBTDB implementation. Two calls to dns_db_getoriginnode were fatal if there was no data at the node. [RT #35080]
- Fix "dig" so it can handle AXFR style IXFR responses which span multiple messages. [RT #35137]
- Fix a "host" tool problem with converting UTF-8 textname to IDN encoding by handling "." as a search list element when IDN support is enabled. [RT #35133]
- Fix "queryperf" to prevent a possible integer overflow when printing results. [RT #35182]
- Fix a bug which could cause a crash when running "rndc reconfig" or "rndc reload" after configuration is changed from regular zones to automatic empty zones. [RT #35177]
Thank you to everyone who assisted us in making this release possible. If you would like to contribute to ISC to assist us in continuing to make quality open source software, please visit our donations page at http://www.isc.org/donate/.
© 2001-2015 Internet Systems ConsortiumPlease help us to improve the content of our knowledge base by letting us know below how we can improve this article. If you have a technical question or problem on which you'd like help, please don't submit it here as article feedback. For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.