mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
ceff14d956
For details see: https://downloads.isc.org/isc/bind9/9.16.32/doc/arm/html/notes.html#notes-for-bind-9-16-32 Excerpt from changelog: "5934. [func] Improve fetches-per-zone fetch limit logging to log the final allowed and spilled values of the fetch counters before the counter object gets destroyed. [GL #3461] 5933. [port] Automatically disable RSASHA1 and NSEC3RSASHA1 in named on Fedorda 33, Oracle Linux 9 and RHEL9 when they are disabled by the security policy. [GL #3469] 5932. [bug] Fix rndc dumpdb -expired and always include expired RRsets, not just for RBTDB_VIRTUAL time window. [GL #3462] 5929. [bug] The "max-zone-ttl" option in "dnssec-policy" was not fully effective; it was used for timing key rollovers but did not actually place an upper limit on TTLs when loading a zone. This has been corrected, and the documentation has been clarified to indicate that the old "max-zone-ttl" zone option is now ignored when "dnssec-policy" is in use. [GL #2918] 5924. [func] When it's necessary to use AXFR to respond to an IXFR request, a message explaining the reason is now logged at level info. [GL #2683] 5923. [bug] Fix inheritance for dnssec-policy when checking for inline-signing. [GL #3438] 5922. [bug] Forwarding of UPDATE message could fail with the introduction of netmgr. This has been fixed. [GL #3389]" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>