EPEL Fwd: [Pdns-dev] Recursor 3.6.0 released

Fred Wittekind rom at twister.dyndns.org
Fri Jun 27 14:05:42 UTC 2014 

Any chance of getting this update into EPEL?

The pdns packages don't seem to be tracked by Upstream release monitoring

Thanks
Fred Wittekind

-------- Original Message --------
Subject: 	[Pdns-dev] Recursor 3.6.0 released
Date: 	Fri, 20 Jun 2014 12:17:40 +0200
From: 	Peter van Dijk <peter.van.dijk at netherlabs.nl>
To: 	pdns-users Users <pdns-users at mailman.powerdns.com>, 
pdns-dev at mailman.powerdns.com, pdns-announce at mailman.powerdns.com



Hi everybody,

version 3.6.0 of the PowerDNS Recursor is now available from
https://www.powerdns.com/downloads.html

Kees Monshouwer provides native RHEL5/6 packages at
http://www.monshouwer.eu/download/3rd_party/pdns-recursor/

Full release notes, with clickable links, are available from:
http://doc.powerdns.com/html/changelog.html#changelog-recursor-3.6.0

3.6.0 is the best version of the PowerDNS Recursor currently available, and we
recommend upgrading to it.

Here is a text-only version:

    This is a performance, feature and bugfix update to 3.5/3.5.3.
    It contains important fixes for slightly broken domain names,
    which your users expect to work anyhow. It also brings robust
    resilience against certain classes of attacks.

    Changes between RC1 and release:
      * g30b13ef: do not apply some of our filters to root and
        gtlds, plus remove some useless {}
      * gcc81d90: fix yahttp copy in dist-recursor for BSD cp
      * gb798618: define __APPLE_USE_RFC_3542 during recursor build
        on Darwin, fixes t1449
      * g1d7f863: Merge pull request t1443 from
        zeha/recursor-nostrip
      * g5cdeede: remove (non-working) [aaaa-]additional-processing
        flags from the recursor. Closes t1448
      * g984d747: Support building recursor on kFreeBSD and Hurd
      * g79240f1: Allow not stripping of binaries in recursor's
        make install
      * ge9c2ad3: document pdns.DROP for recursor, add policy-drops
        metric for it

    New features:
      * gaadceba: Implement minimum-ttl-override config setting,
        plus runtime configurability via 'rec_control
        set-minimum-ttl'.
      * Lots of work on the JSON API, which is exposed via Aki
        Tuomi's 'yahttp'. Massive thanks to Christian Hofstaedtler
        for delivering this exciting new functionality.
        Documentation & demo forthcoming, but code to use it is
        available on GitHub.
      * Lua modules can now use 'pdnslog(INFO..'), as described in
        t1074, implemented in g674a305
      * Adopt any-to-tcp feature to the recursor. Based on a patch
        by Winfried Angele. Closes t836, g56b4d21 and ge661a20.
      * g2c78bd5: implement built-in statistics dumper using the
        'carbon' protocol, which is also understood by metronome
        (our mini-graphite). Use 'carbon-server', 'carbon-ourname'
        and 'carbon-interval' settings.
      * New setting 'udp-truncation-threshold' to configure from
        how many bytes we should truncate. ga09a8ce.
      * Proper support for CHaos class for CHAOS TXT queries.
        gc86e1f2, addition for lua in gf94c53d, some warnings in
        g438db54 however.
      * Added support for Lua scripts to drop queries w/o further
        processing. g0478c54.
      * Kevin Holly added qtype statistics to recursor and
        rec_control (get-qtypelist) (g79332bf)
      * Add support for include-files in configuration, also reload
        ACLs and zones defined in them (g829849d, g242b90e,
        g302df81).
      * Paulo Anes contributed server-down-max-fails which helps
        combat Recursive DNS based amplification attacks. Described
        in this post. Also comes with new metric
        'failed-host-entries' in g406f46f.
      * g21e7976: Implement "followCNAMERecords" feature in the Lua
        hooks.

    Improvements:
      * g06ea901: make pdns-distributes-queries use a hash so
        related queries get sent to the same thread. Original idea
        by Winfried Angele. Astoundingly effective, approximately
        halves CPU usage!
      * gb13e737: --help now writes to stdout instead of stderr.
        Thanks Winfried Angele.
      * To aid in limiting DoS attacks, when truncating a response,
        we actually truncate all the way so only the question
        remains. Suggested in t1092, code in gadd935a.
      * No longer experimental, the switch
        'pdns-distributes-queries' can improve multi-threaded
        performance on Linux (various cleanup commits).
      * Update to embedded PolarSSL, plus remove previous AES
        implementation and shift to PolarSSL (ge22d9b4, g990ad9a)
      * g92c0733 moves various Lua magic constants into an enum
        namespace.
      * set group and supplementary groups before chroot (g6ee50ce,
        t1198).
      * g4e9a20e: raise our socket buffer setting so it no longer
        generates a warning about lowering it.
      * g4e9a20e: warn about Linux suboptimal IPv6 settings if we
        detect them.
      * SIGUSR2 turns on a 'trace' of all DNS traffic, a second
        SIGUSR2 now turns it off again. g4f217ce.
      * Various fixes for Lua 5.2.
      * g81859ba: No longer attempt to answer questions coming in
        from port 0, reply would not reach them anyhow. Thanks to
        Niels Bakker and 'sid3windr' for insight & debugging.
        Closes t844.
      * gb1a2d6c: now, I'm not one to get OCD over things, but that
        log message about stats based on 1801 seconds got to me.
        1800 now.

    Fixes:
      * 0c9de4fc: stay away from getaddrinfo unless we really can't
        help it for ascii ipv6 conversions to binary
      * g08f3f63: fix average latency calculation, closing t424.
      * g75ba907: Some of our counters were still 32 bits, now 64.
      * g2f22827: Fix statistics and stability when running with
        pdns-distributes-queries.
      * g6196f90: avoid merging old and new additional data, fixes
        an issue caused by weird (but probably legal) Akamai
        behaviour
      * g3a8a4d6: make sure we don't exceed the number of available
        filedescriptors for mthreads. Raises performance in case of
        DoS. See this post for further details.
      * g7313fe6: implement indexed packet cache wiping for
        recursor, orders of magnitude faster. Important when
        reloading all zones, which causes massive cache cleaning.
      * rec_control get-all would include 'cache-bytes' and
        'packetcache-bytes', which were expensive operations, too
        expensive for frequent polling. Removed in g8e42d27.
      * All old workarounds for supporting Windows of the XP era
        have been removed.
      * Fix issues on S390X based systems which have unsigned
        characters (g916a0fd)




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/epel-devel/attachments/20140627/b3bcfce7/attachment.html>

More information about the epel-devel mailing list