dnsdist 1.7.1 released

Apr 25, 2022

Hello!

We are very happy to release dnsdist 1.7.1 today, a maintenance release fixing a few bugs reported since 1.7.0:

  • A use-after-free error could happen if a network error occurred in the middle of a XFR query, for a proxy-protocol-enabled backend, leading to a crash
  • The TLS Server Name Indication was not properly set on outgoing DNS over HTTPS or DNS over TLS connections to a backend
  • The health-check timeout was not properly set for outgoing DNS over HTTPS connections, leading to a very long timeout
  • The outgoing protocol was not always properly set in our in-memory ring buffers
  • Outgoing UDP timeouts were sometimes processed a bit too late when the health-check interval was set to more than one second
  • Filtering qnames via eBPF was broken
  • The dynamic block mechanism was not properly switching to eBPF filtering, when available, if the block action was not explicitly set
  • The latency histogram was broken in our prometheus metrics
  • Trying to create a 0-sized packet cache would lead to a crash

In addition to these fixes, our Docker images no longer have capability requirements. More information on that topic is available in our upgrade guide.

We also improved our compatibility with OpenSSL 3.0.0’s API.

As usual there were also other smaller enhancements and fixes, please see the dnsdist website for the more complete changelog and the current documentation.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

The release tarball and its signature are available on the downloads website, and packages for several distributions are available from our repository.

About the author

Remi Gacogne

Remi Gacogne

Senior Developer at PowerDNS

Categories

Related Articles

PowerDNS’ progress in DNS encryption

Like many other internet protocols, DNS started life as an unencrypted protocol. With the increasing recognition of internet...

Andrea Carpani Feb 27, 2024

PowerDNS Authoritative Server 4.9.0-beta2

This is release 4.9.0-beta2 (beta1 was not released, due to a tagging mistake) of the Authoritative Server. It brings a few...

Peter van Dijk Feb 16, 2024

PowerDNS DNSdist 1.9.0 released

We are very happy to release PowerDNS DNSdist 1.9.0 today! This new version brings a fair number of new features since...

Remi Gacogne Feb 16, 2024

PowerDNS Recursor Security Advisory 2024-01

Today we have released PowerDNS Recursor 4.8.6, 4.9.3 and 5.0.2. These releases fix PowerDNS Security Advisory 2024-01:...

Otto Moerbeek Feb 13, 2024