Backport of CVE-2020-25829: Cache pollution.¶
References: pull request 9603
Raise an exception on invalid content in unknown records.¶
References: #9497, pull request 9508
Boost 1.73 moved boost::bind placeholders to the placeholders namespace.¶
References: #9070, pull request 9502
Fix the parsing of dont-throttle-netmasks in the presence of dont-throttle-names.¶
References: #9454, pull request 9456
Resize hostname to final size in getcarbonhostname().¶
References: pull request 9368
Validate cached DNSKEYs against the DSs, not the RRSIGs only.¶
References: #9309, pull request 9334
Ignore cache-only for DNSKEYS/DS retrieval.¶
References: #9297, pull request 9333
A ServFail while retrieving DS/DNSKEY records is just that.¶
References: #9292, pull request 9332
Refuse DS records received from child zones.¶
References: #9188, pull request 9331
Better exception handling in housekeeping/handlePolicyHit.¶
References: #9268, pull request 9306
Fix build with gcc-10¶
References: #8640, pull request 9123
Backport of CVE-2020-14196: Enforce webserver ACL.¶
References: pull request 9284
Copy the negative cache entry before validating it.¶
References: #9251, pull request 9261
Fix compilation on systems that do not define HOST_NAME_MAX.¶
References: #9127, pull request 9133
Add ubuntu focal target.¶
References: pull request 9081
Only log qname parsing errors when ‘log-common-errors’ is set.¶
References: pull request 8869
Backport of security fixes for CVE-2020-10995, CVE-2020-12244 and CVE-2020-10030, plus avoid a crash when loading an invalid RPZ.¶
References: pull request 9116
Refuse NSEC records with a bitmap length > 32.¶
References: pull request 8832
Avoid startup race by setting the state of a tread before starting it.¶
References: pull request 8802
Better detection of Bogus zone cuts for DNSSEC validation.¶
References: pull request 8696
Fix parsing dont-throttle-names and dont-throttle-netmasks as comma separated lists.¶
References: pull request 8686
Update gen-version to use latest tag for version number.¶
References: pull request 8988
Update boost.m4.¶
References: #8875, pull request 8752, pull request 8964
Debian postinst / do not fail on user creation if it already exists.¶
References: pull request 8674
Add CentOS 8 as builder target¶
References: pull request 8427
Update boost.m4¶
References: pull request 8124
Add deviceName field to protobuf messages¶
References: #8101, pull request 8187
Test improvements (Chris Hofstaedtler)¶
References: #8008, #8047, pull request 8121
Builder: add raspbian-buster target¶
References: pull request 8086
Purge map of failed auths periodically by keeping a last changed timestamp.¶
References: pull request 8552
Prime NS records of root-servers.net parent (.net)¶
References: pull request 8528
Issue with “zz” abbreviation for IPv6 RPZ triggers¶
References: pull request 8493
Basic validation of $GENERATE parameters¶
References: pull request 8452
Fix inverse handler registration logic for SNMP.¶
References: pull request 8230
Clear CMSG_SPACE(sizeof(data)) in cmsghdr to appease valgrind¶
References: #7981, pull request 8005
Make sure we always compile with BOOST_CB_ENABLE_DEBUG set to 0¶
References: pull request 8074
Limit compression pointers to 14 bits¶
References: pull request 8052
Fix the export of only outgoing queries or incoming responses¶
References: pull request 8009
Compare the CacheKey type and place first then the name¶
References: pull request 7939
Handle short reads from our random device¶
References: pull request 7955
Check if -latomic is needed instead of hardcoding¶
References: pull request 7953
Don’t mix time() and gettimeofday() in our unit tests¶
References: pull request 7931
SuffixMatchTree fixes¶
References: pull request 7954
Use net-snmp-config --netsnmp-agent-libs instead of --agent-libs.¶
References: pull request 7818
Fix the detection of snmp_select_info2().¶
References: pull request 7826
Ensure a valid range to string() in PacketReader::getUnquotedText()¶
References: #7272, pull request 7813
Add a new max-cache-bogus-ttl option.¶
References: #7445, pull request 7478
Implement a way to disallow throttling of auths.¶
References: pull request 7480
ECS cache limit with TTL.¶
References: pull request 7631
Use a bounded load balancing algo to distribute queries.¶
References: pull request 7507
Add a distribution-pipe-buffer-size setting.¶
References: pull request 7571
Add protobuf-use-kernel-timestamp for sharper latencies.¶
References: pull request 7508
Ignore path MTU discovery on UDP server socket.¶
References: pull request 7410
Set --enable-option-checking=fatal on all package builds, enable SNMP in RPMS.¶
References: #7671, pull request 7669
This provides cpu usage statistics per thread (worker & distributor).¶
References: pull request 7649
Add a new ecs-minimum-ttl-override setting.¶
References: pull request 7574
Utility::random() and srandom() are not used anymore.¶
References: pull request 7484
Add rec statistics about ECS response sizes, API endpoint to get a specific stat.¶
References: #7498, pull request 7504
Move back to malloc on !openbsd. Doing mmap/munmap all the time hurts…¶
References: pull request 7583
Set ip(v6)_recverr socket option to get notified of more than just port unreachable errors on Linux.¶
References: pull request 7540
Change the way getRealMemUsage() works on Linux (using statm).¶
References: pull request 7502
Lua: expose dns_random as pdnsrandom.¶
References: #6853, pull request 7492
Add an option to not override custom RPZ types with the default policy.¶
References: pull request 7476
Resync YaHTTP code to cmouse/yahttp@11be77a1fc4032. (Chris Hofstaedtler)¶
References: pull request 7433
Fix DNSSEC validation of non-expanded wildcards.¶
References: pull request 7714
Add DNAME support.¶
References: #6318, pull request 6341
Move replaced negcache entries to the back of the expunge queue.¶
References: pull request 7730
Fix the cache cleaning code being only run once for workers.¶
References: pull request 7731
Alternative solution to the unaligned accesses.¶
References: pull request 7708
ednsoptionview improvements.¶
References: pull request 7652
Add missing getregisteredname Lua function. (Aki Tuomi)¶
References: pull request 7589
Correctly interpret an empty AXFR response to an IXFR query.¶
References: pull request 7494
Initial 4.2.x release, please see the blog post: https://blog.powerdns.com/2019/02/01/changes-in-the-powerdns-recursor-4-2-0/