Changelogs for 5.0.X
====================
Before upgrading, it is advised to read the :doc:`../upgrade`.
.. changelog::
:version: 5.0.10
:released: 9th of April 2025
.. change::
:tags: Improvements
:pullreq: 15281
:tickets: 15254
If we see both a CNAME and answer records, follow CNAME and discard the answer records.
.. change::
:tags: Improvements
:pullreq: 15214
:tickets: 14525
Add new root trust anchor.
.. changelog::
:version: 5.0.9
:released: 3rd of October 2024
.. change::
:tags: Bug Fixes
:pullreq: 14744
`Security advisory 2024-04 <https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html>`__: CVE-2024-25590
.. changelog::
:version: 5.0.8
:released: 23rd of July 2024
.. change::
:tags: Improvements
:pullreq: 14502
:tickets: 14499
Limit the number of async tasks pushed to resolve NS names and optimize processing of additionals.
.. change::
:tags: Bug Fixes
:pullreq: 14482
:tickets: 14471
Dump right SOA into dumpFile and report non-relative SOA for includeSOA=true.
.. change::
:tags: Bug Fixes
:pullreq: 14479
:tickets: 14404
Yahttp router: avoid unsigned underflow in route().
.. change::
:tags: Improvements.
:pullreq: 14412
:tickets: 134400
Switch el7 builds to Oracle Linux 7.
.. change::
:tags: Improvements
:pullreq: 14415
:tickets: 14359
dns.cc: use pdns::views::UnsignedCharView.
.. changelog::
:version: 5.0.7
:released: 3rd of July 2024
.. change::
:tags: Bug Fixes
:pullreq: 14379
:tickets: 14373
Remove potential double SOA records if the target of a dns64 name is NODATA.
.. change::
:tags: Bug Fixes
:pullreq: 14351
:tickets: 14346
Fix TCP case for policy tags to not produce cached tags in protobuf messages.
.. change::
:tags: Bug Fixes
:pullreq: 14348
:tickets: 14340
Count substituted remote in case of proxy protocol.
.. changelog::
:version: 5.0.6
:released: 5th of June 2024
.. change::
:tags: Improvements
:pullreq: 14223
:tickets: 14197
YaHTTP: Enforce max # of request fields and max request line size.
.. change::
:tags: Improvements
:pullreq: 14222
:tickets: 14185
Report error and adjust max-mthreads when linux map limit (vm.max_map_count) is too low to accommodate resource usage under load.
.. changelog::
:version: 5.0.5
:released: 14th of May 2024
.. change::
:tags: Bug Fixes
:pullreq: 14091
:tickets: 14049
Do not count RRSIGs using unsupported algorithms toward RRSIGs limit.
.. change::
:tags: Bug Fixes
:pullreq: 13992
:tickets: 13984
Correctly count NSEC3s considered when chasing the closest encloser.
.. change::
:tags: Bug Fixes
:pullreq: 13991
:tickets: 13966
Let NetmaskGroup parse dont-throttle-netmasks, allowing negations.
.. change::
:tags: Bug Fixes
:pullreq: 13990
:tickets: 13947
Fix types of two YAML settings (incoming.edns_padding_from, incoming.proxy_protocol_from) that should be sequences of subnets.
.. change::
:tags: Bug Fixes
:pullreq: 13989
:tickets: 13926
Fix trace=fail regression and add regression test for it.
.. change::
:tags: Improvements
:pullreq: 13988
:tickets: 13849
Only print Docker config if debug flag is set.
.. changelog::
:version: 5.0.4
:released: 24th of April 2024
.. change::
:tags: Bug Fixes
:pullreq: 14108
`Security advisory 2024-02 <https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html>`__: CVE-2024-25583
.. changelog::
:version: 5.0.3
:released: 7th of March 2024
.. change::
:tags: Improvements
:pullreq: 13845
:tickets: 13824
Log if a DNSSEC related limit was hit if log_bogus is set.
.. change::
:tags: Improvements
:pullreq: 13846
:tickets: 13830
Reduce RPZ memory usage by not keeping the initially loaded RPZs in memory.
.. change::
:tags: Bug Fixes
:pullreq: 13852
:tickets: 13847
Fix gathering of denial of existence proof for wildcard-expanded names.
.. change::
:tags: Bug Fixes
:pullreq: 13791
:tickets: 13788
Fix the zoneToCache regression introduced by SA 2024-01.
.. changelog::
:version: 5.0.2
:released: 13th of February 2024
.. change::
:tags: Bug Fixes
:pullreq: 13782
`Security advisory 2024-01 <https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html>`__: CVE-2023-50387 and CVE-2023-50868
.. changelog::
:version: 5.0.1
:released: 10th of January 2024, with no changes compared to the second release candidate. Version 5.0.0 was never released publicly.
.. changelog::
:version: 5.0.0-rc2
:released: 20th of December 2023
.. change::
:tags: Bug Fixes
:pullreq: 13646
:tickets: 13588, 13612
Fix handling of RUNTIME_DIRECTORY and NOD dirs.
.. change::
:tags: Improvements
:pullreq: 13645
:tickets: 13567
Warn that disabling structured logging is now deprecated.
.. changelog::
:version: 5.0.0-rc1
:released: 6th of December 2023
.. change::
:tags: Improvements
:pullreq: 13557
Remove experimental warnings for YAML.
.. change::
:tags: Improvements
:pullreq: 13507
:tickets: 13386
Disallow (by answering Refused) RD=0 by default.
.. change::
:tags: Bug Fixes
:pullreq: 13543
:tickets: 13542
A single NSEC3 record covering everything is a special case.
.. change::
:tags: Improvements
:pullreq: 13434
Make syncres code clang-tidy.
.. change::
:tags: Bug Fixes
:pullreq: 13511
:tickets: 13463
Document outgoing query counts better, including a small fix.
.. change::
:tags: Improvements
:pullreq: 13501
:tickets: 12842
Introduce a setting to allow RPZ duplicates, including a dup handling fix.
.. change::
:tags: Bug Fixes
:pullreq: 13497
:tickets: 13483
Take into account throttled queries when determining if we had a cache hit.
.. change::
:tags: Improvements
:pullreq: 13387
Update new b-root-server.net addresses in built-in hints.
.. change::
:tags: Bug Fixes
:pullreq: 13480
:tickets: 13467
Correctly apply outgoing.tcp_max_queries bound.
.. change::
:tags: Improvements
:pullreq: 13478
Change default of nsec3-max-iterations to 50.
.. change::
:tags: Improvements
:pullreq: 13477
Warn if truncation occurred dumping the trace.
.. changelog::
:version: 5.0.0-beta1
:released: 10th of November 2023
.. change::
:tags: Bug Fixes
:pullreq: 13468
Fix ubsan error: using a value of 80 for bool.
.. change::
:tags: Improvements
:pullreq: 13462
Be more memory efficient handling RPZ updates.
.. change::
:tags: Improvements
:pullreq: 13464
Change default of extended-resolution-errors setting to true.
.. change::
:tags: Improvements
:pullreq: 13455
Move a few settings from recursor to outgoing section.
.. change::
:tags: Improvements
:pullreq: 13446
For structured logging always log addresses including port.
.. change::
:tags: Improvements
:pullreq: 13438
Teach configure to check for cargo version and require >= 1.64.
.. change::
:tags: Improvements
:pullreq: 13410
:tickets: 12612
Tidy cache and only copy values if non-expired entry was found.
.. change::
:tags: Bug Fixes
:pullreq: 13409
:tickets: 13383
Handle serve stale logic in getRootNXTrust().
.. change::
:tags: Improvements
:pullreq: 13432,13430
:tickets: 13430
Add endbr64 instructions in the right spots for OpenBSD/amd64.
.. change::
:tags: Improvements
:pullreq: 13408
Handle stack memory on NetBSD as on OpenBSD (Tom Ivar Helbekkmo)
.. changelog::
:version: 5.0.0-alpha2
:released: 17th of October 2023
.. change::
:tags: Improvements
:pullreq: 13362
:tickets: 13233, 12679
Convert API managed config from old style to YAML if YAML settings are active.
.. change::
:tags: Improvements
:pullreq: 13364
If we miss glue--but not for all NS records--try to resolve the missing address records.
.. change::
:tags: Bug Fixes
:pullreq: 13353
:tickets: 12395
If serving stale, wipe CNAME records from cache when we get a NODATA negative response for them.
.. change::
:tags: Bug Fixes
:pullreq: 13363
Fix Coverity 1522436 potential dereference of null return value.
.. change::
:tags: Improvements
:pullreq: 13296
Make QName Minimization parameters from :rfc:`9156` settable.
.. change::
:tags: Improvements
:pullreq: 13312
Conform to :rfc:`2181` 10.3: don't allow NS records to point to aliases.
.. change::
:tags: Bug Fixes
:pullreq: 13303,13311
Fix log messages text and levels.
.. change::
:tags: Improvements
:pullreq: 13295
:tickets: 8646
Do not use Qname Minimization for infra-queries.
.. change::
:tags: Improvements
:pullreq: 13289
Implement probabilistic un-throttle.
.. change::
:tags: Improvements
:pullreq: 13290
Put files generated by settings/generate.py into tarball so package builds do not have to run it.
.. change::
:tags: Improvements
:pullreq: 13278
:tickets: 13266
Fix packetcache submit refresh task logic.
.. change::
:tags: Bug Fixes
:pullreq: 13276
:tickets: 13259
Fix sysconfdir handling in new settings code.
.. change::
:tags: Improvements
:pullreq: 13277
:tickets: 13264
Allow loglevel to be set to levels < 3.
.. change::
:tags: Improvements
:pullreq: 13195
:tickets: 8394
Move tcp-in processing to dedicated thread(s).
.. change::
:tags: Bug Fixes
:pullreq: 13250
Fix Coverity 1519054: Using invalid iterator.
.. changelog::
:version: 5.0.0-alpha1
:released: 13th of September 2023
.. change::
:tags: Improvements
:pullreq: 13008
Rewrite settings code, introducing YAML settings file, using Rust and generated code to implement YAML processing
.. change::
:tags: Improvements
:pullreq: 13209
Make aggressive cache pruning more effective and more fair.
.. change::
:tags: Bug Fixes
:pullreq: 13210
Remove Before=nss-lookup.target line from unit file.
.. change::
:tags: Improvements
:pullreq: 13208
Remove make_tuple and make_pair (Rosen Penev).
.. change::
:tags: Improvements
:pullreq: 13190
Rec: fix a few unused argument warnings (depending on features enabled).
.. change::
:tags: Bug Fixes
:pullreq: 13167
TCPIOHandler: Fix a race when creating the first TLS connections.
.. change::
:tags: Bug Fixes
:pullreq: 13174
Rec: Include cstdint in mtasker_ucontext.cc, noted by @zeha.
.. change::
:tags: Improvements
:pullreq: 13168
Change the default for building with net-snmp from `auto` to `no`.
.. change::
:tags: Improvements
:pullreq: 13155
:tickets: 13147
Channel: Make the blocking parameters of the object queue explicit.
.. change::
:tags: Improvements
:pullreq: 13102
Do not assume the records are in a particular order when determining if an answer is NODATA.
.. change::
:tags: Improvements
:pullreq: 13111
Document default for `webserver-loglevel` (Frank Louwers).
.. change::
:tags: Improvements
:pullreq: 13087
Remove unused sysv init files.
.. change::
:tags: Improvements
:pullreq: 13092
Fixes a few performance issues reported by Coverity.
.. change::
:tags: Improvements
:pullreq: 13074
Highlight why regression tests failed with github annotation (Josh Soref)
.. change::
:tags: Improvements
:pullreq: 13073
Switch from deprecated ::set-output (Josh Soref).
.. change::
:tags: Improvements
:pullreq: 13067
Use backticks in rec_control(1) (Josh Soref).
.. change::
:tags: Improvements
:pullreq: 13068
Clarify why bulktest is failing (Josh Soref).
.. change::
:tags: Improvements
:pullreq: 13043
:tickets: 13011
Set TTL in getFakePTRRecords.
.. change::
:tags: Improvements
:pullreq: 13032
Update settings.rst -- clarify edns-subnet-allow-list (Seth Arnold).
.. change::
:tags: Improvements
:pullreq: 13026
Dnsheader: Switch from bitfield to uint16_t whenever possible.
.. change::
:tags: Improvements
:pullreq: 12805
Clarify log message for NODATA/NXDOMAIN without AA (HÃ¥kan Lindqvist).
.. change::
:tags: Improvements
:pullreq: 12913,12931,12999,13001,13022,13175,15197
Use arc4random only for random values.
.. change::
:tags: Improvements
:pullreq: 12851
Update base Debian version in Docker docs (Italo Cunha).
.. change::
:tags: Improvements
:pullreq: 12917
Delint pdns recursor.cc.
.. change::
:tags: Improvements
:pullreq: 12957
Include qname when logging skip of step 4 of qname minimization (Doug Freed).
.. change::
:tags: Improvements
:pullreq: 12952
Fix a set of move optimizations, as suggested by Coverity.
.. change::
:tags: Improvements
:pullreq: 12934
Silence Coverity 1462719 Unchecked return value from library.
.. change::
:tags: Improvements
:pullreq: 12930
Fix compile warnings.
.. change::
:tags: Improvements
:pullreq: 12913
Dns random: add method to get full 32-bits of randomness.
.. change::
:tags: Improvements
:pullreq: 12808
Reformat and delint arguments.cc and arguments.hh.