Commit febbd908 authored by Evan Hunt's avatar Evan Hunt

CHANGES, release notes

parent 722d0f57
Pipeline #14267 passed with stages
in 10 minutes and 16 seconds
5229. [protocol] Enforce known SSHFP fingerprint lengths. [GL #852]
5228. [cleanup] If trusted-keys and managed-keys are configured
simultaneously for the same name, the key cannot
be rolled automatically. This configuration now
logs a warning. [GL #868]
5224. [bug] Only test provide-ixfr on TCP streams. [GL #991]
5222. [bug] 'delv -t ANY' could leak memory. [GL #983]
......
......@@ -96,7 +96,19 @@
<itemizedlist>
<listitem>
<para>
None.
When <command>trusted-keys</command> and
<command>managed-keys</command> are both configured for the
same name, or when <command>trusted-keys</command> is used to
configure a trust anchor for the root zone and
<command>dnssec-validation</command> is set to
<literal>auto</literal>, automatic RFC 5011 key
rollovers will fail.
</para>
<para>
This combination of settings was never intended to work,
but there was no check for it in the parser. This has been
corrected; a warning is now logged. (In BIND 9.15 and
higher this error will be fatal.) [GL #868]
</para>
</listitem>
</itemizedlist>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment