Skip to content
Snippets Groups Projects
Verified Commit eb979d3a authored by Tomas Krizek's avatar Tomas Krizek Committed by Petr Špaček
Browse files

release 2.3.0

parent 375719d5
No related branches found
No related tags found
1 merge request!565Merge security repo
Knot Resolver 2.3.0 (2018-04-23)
================================
Security
--------
- fix CVE-2018-1110: denial of service triggered by malformed DNS messages
(!550, !558, security!2, security!4)
- increase resilience against slow lorris attack (security!5)
Incompatible changes
--------------------
- rename serve stale configuration option cache_touted_ns_clean_interval
to cache_ns_tout (!537)
Bugfixes
--------
- validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone
- validation: fix SERVFAIL for DS . query
- validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone (!538)
- validation: fix SERVFAIL for DS . query (!544)
- lib/resolve: don't send unecessary queries to parent zone (!513)
- iterate: fix validation for zones where parent and child share NS (!543)
- TLS: improve error handling and documentation (!536, !555, !559)
Improvements
------------
- prefill: new module to periodically import root zone into cache
(replacement for RFC 7706, !511)
- network_listen_fd: always create end point for supervisor supplied file descriptor
- daemon: improved TLS error handling
- use CPPFLAGS build environment variable if set (!547)
Knot Resolver 2.2.0 (2018-03-28)
......
# Project
MAJOR := 2
MINOR := 2
MINOR := 3
PATCH := 0
EXTRA :=
ABIVER := 7
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment