ISC BIND 9.7.0 released
A new stable release of the popular DNS server BIND 9.7.0 has been released. Major improvements are aimed at simplifying the administration of DNSSEC.
Available for download bind-9.7.0.tar.gz
It is reported that in rare cases when performing DNSSEC checks there is a memory leak. A patch to fix the problem has already been created, but he did not have time to become part of BIND 9.7.0, but will be presented later in version 9.7.1.
Source of news lists.isc.org
Available for download bind-9.7.0.tar.gz
What's new?
- Fully automated signing of “named” zones;
- Simplified configuration of the DNSSEC Lookaside Validation (DLV);
- Easy configuration of a dynamic DNS, new utility "ddns-confgen" or "local" update policy;
- New option "attach-cache";
- Preventive prevention of attacks on DNS;
- New default parameters for dnssec-keygen;
- RFC5011 support to automate confidence building;
- Simplified tools for signing zones and keys;
- Statistics-channels support is now available on Windows;
- Installing "tools only" in Windows allows you to install only the tools: dig, host, nslookup and nsupdate;
- Improved support for PKCS # 11, including support for hardware KeyM HSM modules and the ability to explicitly choose to use for the OpenSSL engine.
It is reported that in rare cases when performing DNSSEC checks there is a memory leak. A patch to fix the problem has already been created, but he did not have time to become part of BIND 9.7.0, but will be presented later in version 9.7.1.
Source of news lists.isc.org
')
Source: https://habr.com/ru/post/84600/
All Articles