[nsd-users] NSD 4.10.1rc2 pre-release

Jeroen Koekkoek jeroen at nlnetlabs.nl
Tue Jul 23 15:28:41 UTC 2024 

Hi,

NSD 4.10.1rc2 pre-release is available:
https://nlnetlabs.nl/downloads/nsd/nsd-4.10.1rc2.tar.gz
sha256 ce2e82bc673aeff3a71aeb422fa38fb8db0a591edb76c13b0e4dde83ec8253e9
pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.10.1rc2.tar.gz.asc

Version 4.10.1 consists primarily of bug fixes.

@bilias implemented mutual TLS authentication for zone transfers.
Please consult the nsd.conf manual for details on the newly introduced
configuration options tls-auth-port and tls-auth-xfr-only.

Michael Orlitzky provided integration for the OpenRC init system.

Version 4.10.0 was the first release to integrate simdzone. Build
issues on OpenBSD releases before 5.6, Gentoo and Solaris have been
reported and fixed. The fallback parser, used on systems that lack
SSE4.2 and AVX2 instruction sets, contained some bugs with regards to
state keeping and under certain circumstances a use after free bug was
encountered in buffer management.

4.10.1
================
FEATURES:
  - Merge #352 from orlitzky: contrib: add OpenRC service script,
    config file, and tmpfiles entry.
  - Merge #337 from bilias: Mutual TLS-AUTH.

BUG FIXES:
  - Fix incorrect punctuation of log messages.
  - Fix for #317, document more text on pidfile permissions.
  - Fix #334: RFC8482 behavior documentation.
  - Fix for OpenSSL 3.0 deprecated functions.
  - Merge #341: Fix allow-query wording in nsd.conf.5.in.
  - Fix test script from making spurious output.
  - Fix cpu_affinity and socket_partitioning tests for
    --enable-log-role.
  - Fix #344: Update simdzone.
  - Fix #347: Adjust verbosity for TLS (+TCP) to be 5.
  - Merge #348: Move TLS logging to verbosity level 5.
  - For #347: Also adjust verbosity of log message for remaining TCP
    connections.
  - Merge #349: log file name before loading.
  - Use MAKE variable rather than make command directly in Makefile.
  - Serialize WKS RRs using numeric values rather than names.
  - Fix propagation of Makefile targets to simdzone
  - Do not log ACL mismatch on followed CNAMEs.


simdzone 0.1.1
================
FEATURES:
  - Test to verify configure.ac and Makefile.in are correct.
  - Add support for reading from stdin if filename is "-".
  - Add support for building with Oracle Developer Studio 12.6.
  - Add support for "time" service for Well-Know Services (WKS) RR.

BUG FIXES:
  - Fix makefile dependencies.
  - Fix makefile to use source directory for build dependencies.
  - Fix changelog to reflect v0.1.0 release.
  - Update makefile to not use target-specific variables.
  - Fix makefile clean targets.
  - Fix state keeping in fallback scanner for contiguous and quoted.
  - Fix bug in name scanner.
  - Fix type mnemonic parsing in fallback parser.
  - Fix endian.h to include machine/endian.h on OpenBSD releases before
    5.6.
  - Fix use after free on buffer resize.

CHANGES:
  - Make relative includes relative to current working directory.

More information about the nsd-users mailing list