Hello!
We are proud to announce the release of PowerDNS Recursor 4.4.0.
Compared to the last release candidate, this release contains a fix for the cache pollution issue described in security advisory 2020-07. Please refer to the changelog for details.
Compared to the 4.3 release of PowerDNS Recursor, this release contains these major enhancements:
- Native DNS64 support, without the need to use Lua.
- The ability to add custom tags to RPZ hits.
- Names encountered while resolving CNAMEs are now subject to RPZ processing.
- More detailed information about RPZ handling is now available while tracing, in Lua and in the protobuf logging messages.
- To allow more efficient use, the record cache is now shared between threads.
- A routing tag can be added in Lua code, which will be used as an additional record cache key instead of an EDNS subnet mask, enabling for a simpler record cache structure which will enhance query processing where the EDNS subnet mask is relevant.
- The Proxy Protocol version 2 has been implemented to allow for a structured exchange of information between a client (typically dnsdist) and the Recursor. See the documentation for details.
We are grateful to all reporters of bugs, issues, feature requests, and submitters of fixes and features. We also like to thank anybody who tested the pre-releases.
Please note that with this release, the 4.1.x branch will be marked End of Life and the 4.2.x branch will go into critical security update mode only. See our release cycle document for more details. The upgrade notes contain information that helps doing upgrades from previous versions.
The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 7 and 8, Debian Stretch and Buster, Ubuntu Xenial, Bionic and Focal are available from repo.powerdns.com.
Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.