Verified Commit e6ca82b2 authored by Michal Nowak's avatar Michal Nowak
Browse files

Add release notes for GL #2472

parent 566b8ab8
......@@ -40,7 +40,16 @@ Removed Features
Feature Changes
~~~~~~~~~~~~~~~
- None.
- To prevent users from inadvertently configuring unencrypted
DNS-over-HTTPS (DoH) in BIND 9, ``listen-on`` and ``listen-on-v6``
statements using the ``http`` parameter must now also specify the
``tls`` parameter. ``tls none`` can be used to explicitly allow
unencrypted HTTP connections. [GL #2472]
- ``http default`` can now be specified in ``listen-on`` and
``listen-on-v6`` statements to use the default HTTP endpoint of
``/dns-query``. It is no longer necessary to include an ``http``
statement in ``named.conf`` unless overriding this value. [GL #2472]
Bug Fixes
~~~~~~~~~
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment