From: aerique Date: Thu, 30 Nov 2017 09:33:09 +0000 (+0100) Subject: Merge pull request #6016 from aerique:feature/update-auth-4.1.0-changelog. X-Git-Tag: auth-4.1.0^0 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c2e5834030297b411b77c472387cdbc6b7c5699d;p=pdns Merge pull request #6016 from aerique:feature/update-auth-4.1.0-changelog. Update changelog and secpoll for 4.1.0. --- diff --git a/docs/changelog/4.1.rst b/docs/changelog/4.1.rst index 27b770abb..bf04825cf 100644 --- a/docs/changelog/4.1.rst +++ b/docs/changelog/4.1.rst @@ -1,6 +1,62 @@ Changelogs for 4.1.x ==================== +.. changelog:: + :version: 4.1.0 + :released: 30th of November 2017 + + This is the first release in the 4.1 train. + + The full release notes can be read `on the blog `_. + + The 4.1 release is a major upgrade for the Authoritative Server featuring many improvements and speedups: + + - Improved performance: 400% speedup in some scenarios, + - Crypto API: DNSSEC fully configurable via RESTful API, + - Improved documentation, + - Database related improvements, + - Enhanced tooling, + - Support for TCP Fast Open, + - Support for non-local bind, + - Support for Botan 2.x (and removal of support for Botan 1.10), + - Our packages now ship with PKCS #11 support. + + Recursor passthrough removal: This will impact many installations, and we realize this may be painful, but it is necessary. Previously, the PowerDNS Authoritative Server contained a facility for sending recursion desired queries to a resolving backend, possibly after first consulting its local cache. This feature (‘recursor=’) was frequently confusing and also delivered inconsistent results, for example when a query ended up referring to a CNAME that was outside of the Authoritative Server’s knowledge. To read more about this please see the blog post mentioned above or read the :doc:`migration guide <../../guides/recursion>`. + + Changes since 4.1.0-rc3: + + .. change:: + :tags: DNSSEC, Bug Fixes + :pullreq: 5968 + + Fix hang when PATCHing zone during rectify. + + .. change:: + :tags: Improvements + :pullreq: 5976 + :tickets: 5974 + + Report remote IP when SOA query comes back with empty question section. + + .. change:: + :tags: API, Improvements + :pullreq: 5964 + :tickets: 5862 + + Make the /cryptokeys endpoint consistently use CryptoKey objects. + + .. change:: + :tags: Removed Features + :pullreq: 6004 + + Remove deprecated SOA-EDIT values: INCEPTION and INCEPTION-WEEK. + + .. change:: + :tags: API, Bug Fixes + :pullreq: 6007 + + Deny cache flush, zone retrieve and notify if the API is read-only. + .. changelog:: :version: 4.1.0-rc3 :released: 17th of November 2017 diff --git a/docs/secpoll.zone b/docs/secpoll.zone index eb1e55fa8..8b64fcbad 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. pieter\.lexis.powerdns.com. 2017112702 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. pieter\.lexis.powerdns.com. 2017113001 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. ; Auth @@ -31,9 +31,10 @@ auth-4.0.3.security-status 60 IN TXT "3 Upgrade now auth-4.0.4-rc1.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html" auth-4.0.4.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html" auth-4.0.5.security-status 60 IN TXT "1 OK" -auth-4.1.0-rc1.security-status 60 IN TXT "1 OK" -auth-4.1.0-rc2.security-status 60 IN TXT "1 OK" -auth-4.1.0-rc3.security-status 60 IN TXT "1 OK" +auth-4.1.0-rc1.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" +auth-4.1.0-rc2.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" +auth-4.1.0-rc3.security-status 60 IN TXT "3 Unsupported pre-release (known vulnerabilities)" +auth-4.1.0.security-status 60 IN TXT "1 OK" ; Auth Debian auth-3.4.1-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"