Changelogs for 4.5.X

4.5.0-alpha1

Released: 15th of January 2021

Improvements

• Introduce “Refresh almost expired” a mechanism to keep the record cache warm.

  References: #440, pull request 9699

• Use protozero for Protocol Buffer operations in dnsdist, and dnstap/outgoing for the recursor.

  References: #9781, #9780, pull request 9843, pull request 9630

• Use a short-lived NSEC3 hashes cache for denial validation.

  References: pull request 9856

• Introduce synonyms for offensive language in settings and docs.

  References: pull request 9670

• Handle failure to start the web server more gracefully.

  References: #9808, pull request 9812

• Switch default TTL override to 1.

  References: pull request 9720

• Log the exact Bogus state when ‘dnssec-log-bogus’ is enabled.

  References: pull request 9806 9828

• Switch to TCP in case of spoofing (near-miss) attempts.

  References: pull request 9744

• Add support for rfc8914: Extended DNS Errors.

  References: pull request 9673

• Two OpenBSD improvements for UDP sockets: port randomization and EAGAIN errors.

  References: pull request 9633

• Cleanup of RPZ refresh handling.

  References: pull request 9594

• Refactor the percentage computation and use rounding.

  References: pull request 9629

• Throttle servers sending invalid data and rcodes.

  References: pull request 9571

• Terminate TCP connections instead of ‘ignoring’ errors.

  References: pull request 9572

• Don’t parse any config with –version.

  References: pull request 9569

• Expose typed cache flush via Web API.

  References: pull request 9562

• Remove query-local-address6.

  References: pull request 9554

• Lua: add backtraces to errors.

  References: pull request 8942

• Log the line received from rec_control.

  References: pull request 9493

• Shared and sharded neg cache.

  References: pull request 9475

Bug Fixes

• Lookup DS entries before CNAME entries.

  References: #9621, pull request 9883

• Fix the gathering of denial proof for wildcard-expanded answers.

  References: pull request 9793

• Actually discard invalid RRSIGs with too high labels count.

  References: pull request 9789

• x-our-latency is a gauge.

  References: #9638, pull request 9686

• Make parse ip:port a bit smarter.

  References: #7743, pull request 9432

• Fix wipe-cache-typed.

  References: pull request 9515

• Detach snmp thread to avoid trouble when trying to quit nicely.

  References: pull request 9492