Knowledge Base ISC Main Website Ask a Question/Contact ISC
BIND 9.6-ESV-R10 Release Notes
Author: Jeremy Reed Reference Number: AA-01053 Views: 952 Created: 2013-09-11 13:22 Last Updated: 2013-10-01 17:54 0 Rating/ Voters
Introduction

BIND 9.6-ESV-R10 is the latest production release of BIND 9.6-ESV.

BIND 9.6-ESV is an Extended Support Version of BINDBIND 9.6-ESV will be end of life on January 31, 2014.

This document summarizes changes from BIND 9.6-ESV-R9 to BIND 9.6-ESV-R10. Please see the CHANGES file in the source code release for a complete list of all changes.

Download

The latest versions of BIND 9 software can always be found on our web site at http://www.isc.org/downloads/all. There you will find additional information about each release, source code, and pre-compiled versions for Microsoft Windows operating systems.

Support

Product support information is available on http://www.isc.org/services/support for paid support options. Free support is provided by our user community via a mailing list. Information on all public email lists is available at https://lists.isc.org/mailman/listinfo.

Security Fixes
  • Prevents exploitation of a runtime_check which can crash named when satisfying a recursive query for particular malformed zones.  (CVE-2013-3919) [RT #33690]
Feature Changes
  • rndc status now also shows the build-id. [RT #20422]
  • Improved OPT pseudo-record processing to make it easier to support new EDNS options. [RT #34414]
  • "configure" now finishes by printing a summary of optional BIND features and whether they are active or inactive. ("configure --enable-full-report" increases the verbosity of the summary.) [RT #31777]
  • Addressed compatibility issues with newer versions of Microsoft Visual Studio. [RT #33916]
  • Improved the 'rndc' man page. [RT #33506]
  • 'named -g' now no longer works with an invalid logging configuration. [RT #33473]
  • The default (and minimum) value for tcp-listen-queue is now 10 instead of 3.  This is a subtle control setting (not applicable to all OS environments).  When there is a high rate of inbound TCP connections, it controls how many connections can be queued before they are accepted by named.  Once this limit is exceeded, new TCP connections will be rejected.  Note however that a value of 10 does not imply a strict limit of 10 queued TCP connections - the impact of changing this configuration setting will be OS-dependent.  Larger values for tcp-listen queue will permit more pending tcp connections, which may be needed where there is a high rate of TCP-based traffic (for example in a dynamic environment where there are frequent zone updates and transfers).  For most production servers the new default value of 10 should be adequate.  [RT #33029]
Bug Fixes
  • Fixed the "allow-query-on" option to correctly check the destination address. [RT #34590]
  • Fix forwarding for forward only "zones" beneath automatic empty zones. [RT #34583]
  • Remove bogus warning log message about missing signatures when receiving a query for a SIG record. [RT #34600]
  • Improved resistance to a theoretical authentication attack based on differential timing.  [RT #33939]
  • The build of BIND now installs isc/stat.h so that it's available to /isc/file.h when building other applications that reference these header files - for example dnsperf (see Debian bug ticket #692467).  [RT #33056]
  • Better handle failures building XML for stats channel responses. [RT #33706]
  • Fixed a memory leak in GSS-API processing. [RT #33574]
  • Fixed an acache-related race condition that could cause a crash. [RT #33602]
  • rndc now properly fails when given an invalid '-c' argument. [RT #33571]
  • Fixed an issue with the handling of zero TTL records that could cause improper SERVFAILs. [RT #33411]
  • Fixed a crash-on-shutdown race condition with DNSSEC validation. [RT #33573]
Thank You

Thank you to everyone who assisted us in making this release possible. If you would like to contribute to ISC to assist us in continuing to make quality open source software, please visit our donations page at http://www.isc.org/supportisc.

© 2001-2014 Internet Systems Consortium

Feedback
  • Please help us to improve the content of our knowledge base by letting us know how we can improve this article or by submitting suggestions for other articles you'd like to see created. Information on how to obtain further help on our products or services can be found on our main website.' If you have a technical question or problem on which you'd like help, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.
Info Submit Feedback on this Article
Nickname: Your Email: Subject: Comment:
Enter the code below:
Quick Jump Menu