[Pdns-announce] dnsdist 1.7.1 released

Remi Gacogne remi.gacogne at powerdns.com
Mon Apr 25 10:14:38 UTC 2022


We are very happy to release dnsdist 1.7.1 today, a maintenance release 
fixing a few bugs reported since 1.7.0:

- A use-after-free error could happen if a network error occurred in the 
middle of a XFR query, for a proxy-protocol-enabled backend, leading to 
a crash
- The TLS Server Name Indication was not properly set on outgoing DNS 
over HTTPS or DNS over TLS connections to a backend
- The health-check timeout was not properly set for outgoing DNS over 
HTTPS connections, leading to a very long timeout
- The outgoing protocol was not always properly set in our in-memory 
ring buffers
- Outgoing UDP timeouts were sometimes processed a bit too late when the 
health-check interval was set to more than one second
- Filtering qnames via eBPF was broken
- The dynamic block mechanism was not properly switching to eBPF 
filtering, when available, if the block action was not explicitly set
- The latency histogram was broken in our prometheus metrics
- Trying to create a 0-sized packet cache would lead to a crash

In addition to these fixes, our Docker images no longer have capability 
requirements. More information on that topic is available in our upgrade 
guide [1].

We also improved our compatibility with OpenSSL 3.0.0's API.

As usual there were also other smaller enhancements and fixes, please 
see the dnsdist website [2] for the more complete changelog [3] and the 
current documentation.

Please send us all feedback and issues you might have via the mailing 
list, or in case of a bug, via GitHub [4].

The release tarball [5] and its signature [6] are available on the 
downloads website, and packages for several distributions are available 
from our repository [7].

Finally, we would like to thank the PowerDNS community and all external 
contributors for their great work in this release!

[1]: https://dnsdist.org/upgrade_guide.html#to-1-7-1
[2]: https://dnsdist.org
[3]: https://dnsdist.org/changelog.html#change-1.7.1
[4]: https://github.com/PowerDNS/pdns/issues/new/choose
[7]: https://repo.powerdns.com

Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-announce/attachments/20220425/80a6be82/attachment.sig>

More information about the Pdns-announce mailing list