Changelogs for 5.0.X¶

Before upgrading, it is advised to read the Upgrade Guide.

5.0.4¶

Released: 24th of April 2024

Bug Fixes¶

Security advisory 2024-02: CVE-2024-25583¶

5.0.3¶

Released: 7th of March 2024

Improvements¶

Log if a DNSSEC related limit was hit if log_bogus is set.¶
References: #13824, pull request 13845
Reduce RPZ memory usage by not keeping the initially loaded RPZs in memory.¶
References: #13830, pull request 13846

Bug Fixes¶

Fix gathering of denial of existence proof for wildcard-expanded names.¶
References: #13847, pull request 13852
Fix the zoneToCache regression introduced by SA 2024-01.¶
References: #13788, pull request 13791

5.0.2¶

Released: 13th of February 2024

Bug Fixes¶

Security advisory 2024-01: CVE-2023-50387 and CVE-2023-50868¶
References: pull request 13782

5.0.1¶

Released: 10th of January 2024, with no changes compared to the second release candidate. Version 5.0.0 was never released publicly.

5.0.0-rc2¶

Released: 20th of December 2023

Improvements¶

Warn that disabling structured logging is now deprecated.¶
References: #13567, pull request 13645

Bug Fixes¶

Fix handling of RUNTIME_DIRECTORY and NOD dirs.¶
References: #13588, #13612, pull request 13646

5.0.0-rc1¶

Released: 6th of December 2023

Improvements¶

Remove experimental warnings for YAML.¶
References: pull request 13557
Disallow (by answering Refused) RD=0 by default.¶
References: #13386, pull request 13507
Make syncres code clang-tidy.¶
References: pull request 13434
Introduce a setting to allow RPZ duplicates, including a dup handling fix.¶
References: #12842, pull request 13501
Update new b-root-server.net addresses in built-in hints.¶
References: pull request 13387
Change default of nsec3-max-iterations to 50.¶
References: pull request 13478
Warn if truncation occurred dumping the trace.¶
References: pull request 13477

Bug Fixes¶

A single NSEC3 record covering everything is a special case.¶
References: #13542, pull request 13543
Document outgoing query counts better, including a small fix.¶
References: #13463, pull request 13511
Take into account throttled queries when determining if we had a cache hit.¶
References: #13483, pull request 13497
Correctly apply outgoing.tcp_max_queries bound.¶
References: #13467, pull request 13480

5.0.0-beta1¶

Released: 10th of November 2023

Improvements¶

Be more memory efficient handling RPZ updates.¶
References: pull request 13462
Change default of extended-resolution-errors setting to true.¶
References: pull request 13464
Move a few settings from recursor to outgoing section.¶
References: pull request 13455
For structured logging always log addresses including port.¶
References: pull request 13446
Teach configure to check for cargo version and require >= 1.64.¶
References: pull request 13438
Tidy cache and only copy values if non-expired entry was found.¶
References: #12612, pull request 13410
Add endbr64 instructions in the right spots for OpenBSD/amd64.¶
References: #13430, pull request 13430, pull request 13432
Handle stack memory on NetBSD as on OpenBSD (Tom Ivar Helbekkmo)¶
References: pull request 13408

Bug Fixes¶

Fix ubsan error: using a value of 80 for bool.¶
References: pull request 13468
Handle serve stale logic in getRootNXTrust().¶
References: #13383, pull request 13409

5.0.0-alpha2¶

Released: 17th of October 2023

Improvements¶

Convert API managed config from old style to YAML if YAML settings are active.¶
References: #12679, #13233, pull request 13362
If we miss glue–but not for all NS records–try to resolve the missing address records.¶
References: pull request 13364
Make QName Minimization parameters from RFC 9156 settable.¶
References: pull request 13296
Conform to RFC 2181 10.3: don’t allow NS records to point to aliases.¶
References: pull request 13312
Do not use Qname Minimization for infra-queries.¶
References: #8646, pull request 13295
Implement probabilistic un-throttle.¶
References: pull request 13289
Put files generated by settings/generate.py into tarball so package builds do not have to run it.¶
References: pull request 13290
Fix packetcache submit refresh task logic.¶
References: #13266, pull request 13278
Allow loglevel to be set to levels < 3.¶
References: #13264, pull request 13277
Move tcp-in processing to dedicated thread(s).¶
References: #8394, pull request 13195

Bug Fixes¶

If serving stale, wipe CNAME records from cache when we get a NODATA negative response for them.¶
References: #12395, pull request 13353
Fix Coverity 1522436 potential dereference of null return value.¶
References: pull request 13363
Fix log messages text and levels.¶
References: pull request 13303, pull request 13311
Fix sysconfdir handling in new settings code.¶
References: #13259, pull request 13276
Fix Coverity 1519054: Using invalid iterator.¶
References: pull request 13250

5.0.0-alpha1¶

Released: 13th of September 2023

Improvements¶

Rewrite settings code, introducing YAML settings file, using Rust and generated code to implement YAML processing¶
References: pull request 13008
Make aggressive cache pruning more effective and more fair.¶
References: pull request 13209
Remove make_tuple and make_pair (Rosen Penev).¶
References: pull request 13208
Rec: fix a few unused argument warnings (depending on features enabled).¶
References: pull request 13190
Change the default for building with net-snmp from auto to no.¶
References: pull request 13168
Channel: Make the blocking parameters of the object queue explicit.¶
References: #13147, pull request 13155
Do not assume the records are in a particular order when determining if an answer is NODATA.¶
References: pull request 13102
Document default for webserver-loglevel (Frank Louwers).¶
References: pull request 13111
Remove unused sysv init files.¶
References: pull request 13087
Fixes a few performance issues reported by Coverity.¶
References: pull request 13092
Highlight why regression tests failed with github annotation (Josh Soref)¶
References: pull request 13074
Switch from deprecated ::set-output (Josh Soref).¶
References: pull request 13073
Use backticks in rec_control(1) (Josh Soref).¶
References: pull request 13067
Clarify why bulktest is failing (Josh Soref).¶
References: pull request 13068
Set TTL in getFakePTRRecords.¶
References: #13011, pull request 13043
Update settings.rst – clarify edns-subnet-allow-list (Seth Arnold).¶
References: pull request 13032
Dnsheader: Switch from bitfield to uint16_t whenever possible.¶
References: pull request 13026
Clarify log message for NODATA/NXDOMAIN without AA (Håkan Lindqvist).¶
References: pull request 12805
Use arc4random only for random values.¶
References: pull request 12913, pull request 12931, pull request 12999, pull request 13001, pull request 13022, pull request 13175, pull request 15197
Update base Debian version in Docker docs (Italo Cunha).¶
References: pull request 12851
Delint pdns recursor.cc.¶
References: pull request 12917
Include qname when logging skip of step 4 of qname minimization (Doug Freed).¶
References: pull request 12957
Fix a set of move optimizations, as suggested by Coverity.¶
References: pull request 12952
Silence Coverity 1462719 Unchecked return value from library.¶
References: pull request 12934
Fix compile warnings.¶
References: pull request 12930
Dns random: add method to get full 32-bits of randomness.¶
References: pull request 12913
Reformat and delint arguments.cc and arguments.hh.¶
References: pull request 12808

Bug Fixes¶

Remove Before=nss-lookup.target line from unit file.¶
References: pull request 13210
TCPIOHandler: Fix a race when creating the first TLS connections.¶
References: pull request 13167
Rec: Include cstdint in mtasker_ucontext.cc, noted by @zeha.¶
References: pull request 13174

Contents

Previous topic

Next topic

This Page

Changelogs for 5.0.X¶

5.0.4¶

Bug Fixes¶

5.0.3¶

Improvements¶

Bug Fixes¶

5.0.2¶

Bug Fixes¶

5.0.1¶

5.0.0-rc2¶

Improvements¶

Bug Fixes¶

5.0.0-rc1¶

Improvements¶

Bug Fixes¶

5.0.0-beta1¶

Improvements¶

Bug Fixes¶

5.0.0-alpha2¶

Improvements¶

Bug Fixes¶

5.0.0-alpha1¶

Improvements¶

Bug Fixes¶