[dnsdist] Second alpha release of PowerDNS DNSdist 2.0.0 released

Remi Gacogne remi.gacogne at powerdns.com
Fri May 23 11:45:22 UTC 2025 

Hello!

Today we released the second alpha version of what will become PowerDNS 
DNSdist 2.0.0.

This release fixes a lot of issues, most of them related to either the 
new YAML configuration format or the new meson build mechanism. It also 
fixes CVE-2025-30193 and CVE-2025-30194, which have already been fixed 
in the 1.9.x stable branch.

This new release also comes with several new features:

- a new chain to apply rules on query timeouts has been implemented 
(@pacnal)
- more mitigations against misbehaving TCP and TLS clients have been added
- TLS session ticket keys are not automatically shared between identical 
frontends created using the YAML format, offering better performance
- switching TLS certificates based on the incoming Server Name 
Indication value sent by the client is now supported by the OpenSSL 
provider as well
- DSCP marking towards downstream servers has been implemented (@pacnal)
- it is now possible to call Lua methods just before stopping DNSdist

As this release introduces major changes compared to the 1.9 versions, 
we invite everyone to test it as soon as possible to make sure that all 
existing use cases are still working properly, and that there is no 
performance degradation.

Please see the DNSdist website [1] for the more complete changelog [2] 
and the current documentation. The upgrade guide is also available there 
[3].

Please send us all feedback and issues you might have via the mailing 
list, or in case of a bug, via GitHub [4].

The release tarball [5] and its signature [6] are available on the 
downloads website, and packages for several distributions are available 
from our repository [7].

[1]: https://dnsdist.org
[2]: https://dnsdist.org/changelog.html#change-2.0.0-alpha2
[3]: https://dnsdist.org/upgrade_guide.html
[4]: https://github.com/PowerDNS/pdns/issues/new/choose
[5]:
https://downloads.powerdns.com/releases/dnsdist-2.0.0-alpha2.tar.xz
[6]:
https://downloads.powerdns.com/releases/dnsdist-2.0.0-alpha2.tar.xz.sig
[7]: https://repo.powerdns.com

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20250523/2588d1ec/attachment.sig>

More information about the dnsdist mailing list