Changelogs for 4.7.X

4.7.3

Released: 20th of September 2022

Improvements

• For zones having many NS records, we are not interested in all so take a sample.

  References: #11904, pull request 11936

• Also check qperq limit if throttling happened, as it increases counters.

  References: #11848, pull request 11897

Bug Fixes

• Failure to retrieve DNSKEYs of an Insecure zone should not be fatal.

  References: #11890, pull request 11940

• Fix recursor not responsive after Lua config reload.

  References: #11850, pull request 11879

• Clear the caches after loading authzones.

  References: #11843, pull request 11847

• Resize answer length to actual received length in udpQueryResponse.

  References: #11773, pull request 11774

4.7.2

Released: 23th of August 2022

Bug Fixes

• PowerDNS Security Advisory 2022-02: incomplete exception handling related to protobuf message generation.

  References: pull request 11874, pull request 11877

4.7.1

Released: 8th of July 2022

Improvements

• Allow generic format while parsing zone files for ZoneToCache.

  References: #11724, #11726, pull request 11750

• Force gzip compression for debian packages (Zash).

  References: #11735, pull request 11740

Bug Fixes

• Run tasks from housekeeping thread in the proper way, causing queued DoT probes to run more promptly. Thanks to Jerry Lundström!

  References: #11692, pull request 11748

4.7.0

Released: 30th of May 2022

Bug Fixes

• Fix API issue when asking config values for allow-from or allow-notify-from.

  References: #11609, pull request 11632

4.7.0-rc1

Released: 6th of May 2022

Bug Fixes

• Prometheus #HELP texts: DNSSEC counters track responses sent, not actual validations performed.

  References: #11539, pull request 11559

• Fix DoT port and protocol used for probed authoritative servers.

  References: #11541, pull request 11560

• Fix Coverity 1487923 Out-of-bounds read (wrong use of sizeof).

  References: #11536, pull request 11538

4.7.0-beta1

Released: 14th of April 2022

Improvements

• Probe authoritative servers for DoT support (experimental).

  References: pull request 11487

• Add deferred mode for retrieving additional records.

  References: pull request 11492

• Use boost::mult-index for nsspeed table and make it shared.

  References: pull request 11484

• Packet cache improvements: do not fill beyond limit and use strict LRU eviction method.

  References: pull request 11312

• Use nice format for timestamp printing.

  References: pull request 11444

• Only log “Unable to send NOD lookup” if log-common-errors is set.

  References: #11440, pull request 11445

• Remember parent NS set, to be able to fallback to it if needed.

  References: pull request 11443

• Proxy by table: allow a table based mapping of source address.

  References: pull request 11396, pull request 11507

Bug Fixes

• Update moment.min.js (path traversal fix; we are unaffected).

  References: pull request 11524

• Prevent segfault with empty allow-from-file and allow-from options (Sven Wegener).

  References: pull request 11496

• In the handler thread, call sd_notify() just before entering the main loop in RecursorThread.

  References: pull request 11471

• Distinguish between unreachable and timeout for throttling.

  References: pull request 11405

• Use correct task to clean outgoing TCP.

  References: pull request 11397

4.7.0-alpha1

Released: 28th of February 2022

Improvements

• Add Additional records to query results if appropriate and configured.

  References: #11294, pull request 11302

• Resolve AAAA for NS in an async task if applicable.

  References: pull request 11294

• Read the base Lua definitions into the Lua context for reading the Lua config.

  References: pull request 11319

• Add SNI information to outgoing DoT if available.

  References: pull request 11307

• Detect a malformed question early so we can drop it as soon as possible.

  References: pull request 11305

• Thread management re-factoring.

  References: pull request 11252

• Document changes to policy.DROP better and warn on using the now unsupported way.

  References: #11287, pull request 11288

• Allow disabling of processing root hints and lower log level of some related messages.

  References: pull request 11283

• Move two maps (failed servers and non-resolving nameservers) from thread_local to shared.

  References: pull request 11269

• A CNAME answer on DS query should abort DS retrieval.

  References: pull request 11245

• ZONEMD validation for Zone to Cache function.

  References: pull request 11100, pull request 11189

• By default, build with symbol visibility hidden.

  References: #11178, pull request 11186

• Update protozero to 1.7.1.

  References: pull request 11164

• Add Lua postresolve_ffi hook.

  References: pull request 11074

• Compute step sizes for Query Minimization according to RFC 9156.

  References: pull request 11036

Bug Fixes

• QType ADDR is supposed to be used internally only.

  References: #11337, pull request 11338, pull request 11349

• Fix unaligned access in murmur hash code used by the Newly Observed Domain feature.

  References: pull request 11347

• A Lua followCNAME result might need native dns64 processing.

  References: #11320, pull request 11327

• Use the Lua context stored in SyncRes when calling hooks.

  References: #11289, pull request 11300

• Make incoming TCP bookkeeping more correct.

  References: #11021, pull request 11030