$Id: NEWS,v 1.22 2002/01/03 16:35:33 tmm Exp $

Version 0.9.4 was the first to be released to the public. For information on 
changes, see ChangeLog.

Version 0.9.5 introduces uptest=exec, and a modified config file syntax (cache
sizes are now specified in kB).

The versions 0.9.6 and 0.9.7 are bugfix releases.

Version 0.9.8 fixes a minor bug and some build problems on glibc 2.0 systems.

When compiling versions after 0.9.8, you will probably get more
compiler warnings than before. This is because the C compiler settings
have been made stricter.

Version 0.9.9 contains the rc scripts for Red Hat Linux contributed by Torben 
Janssen, in addition to code cleanups and bugfixes.
The meaning of the option -v has changed in this release.
There is also a new config file option "lean_query" that is on by default. It 
is an optimization, so please look in the docs when updating whether you want 
it switched on or not.

Version 0.9.10 fixes some bugs and improves build on Red Hat.

Version 0.9.11 fixes a locally exploitable security hole (the cache file was
world writeable by default). Please see ChangeLog.old for details.

Version 1.0.0 has a lot of changes compared to the 0.9.x tree, but many of
them are "under the hood":
- IPv6 support (experimental; compile- and run-time configurable)
- FreeBSD (and thus, hopefully, other *BSD) support
- better RFC 2181 compatibility
- new options:
  - serve_aliases in source section
  - linkdown_kluge in global section
  - max_ttl in global section
- cache-code reorganization, only one unified hash (of variable depth)
- Optimizations & cleanups
- Automatic deps (only interesting for developers ;-)

Versions 1.0.1, 1.0.2 and 1.0.3 are bugfix releases.

Version 1.0.4 introduces the new options run_as, strict_setuid and
paranoid. These new options are optional security enhancements.

Version 1.0.5 has some bugfixes and the new "server_ip" option 
contributed by Wolfgang Ocker.

Version 1.0.6 has another set of bugfixes, in addition to higher compile-
time configurability and UDP query support. It also contains Debian rc
scripts contributed by Markus Mohr.

Version 1.0.7 introduces autoconf support, many new config file options and
the new pdnsd-ctl run-time configuration program.

Version 1.0.8 introduces special linux ppp device support contributed
by Ron Yorston, and has some bugfixes.

Versions 1.0.9 and 1.0.10 are bugfix releases.

Version 1.0.11 fixes two bugs that might be used for denial-of-service
attacks; upgrading is recommended.

Version 1.0.12 is a bugfix release and contains some security
enhancements. There are also inclusion/exclusion lists for servers
(new options include=, exclude=, policy= in the server
section).

Version 1.0.13 has some code cleanup, a fix for the Debian rc install,
and a security fix (contributed by Olaf Kirch): when changing
user and group id, pdnsd did not drop supplementary group IDs that
the original user was member of.
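The 1.0.13 fix above is about the order of the calls a daemon makes when it switches to an unprivileged user: if the supplementary group list is not replaced while the process is still privileged, the groups of the user that started the daemon stay in effect. The following C code is an added example, not pdnsd's own code and not the fix contributed by Olaf Kirch; the function names are assumptions.

```c
/* Added example, not pdnsd code: the order in which a daemon must change its
 * ids so that none of the starting user's supplementary groups survive.
 * Function names are assumptions. */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Return 1 if the list holds any group besides the primary gid, else 0. */
int has_leftover_groups(const gid_t *groups, int ngroups, gid_t primary)
{
    for (int i = 0; i < ngroups; i++)
        if (groups[i] != primary)
            return 1;
    return 0;
}

/* Check the current process: no supplementary group other than `primary`
 * may remain. Returns 0 when clean, 1 when leftovers exist, -1 on error. */
int supplementary_groups_leftover(gid_t primary)
{
    int n = getgroups(0, NULL);
    if (n < 0) return -1;
    gid_t *list = malloc((size_t)(n > 0 ? n : 1) * sizeof *list);
    if (list == NULL) return -1;
    n = getgroups(n, list);
    int rc = n < 0 ? -1 : has_leftover_groups(list, n, primary);
    free(list);
    return rc;
}

/* Switch to uid/gid. The supplementary list and the primary gid must be set
 * while still privileged, because setuid() to a non-root uid gives up the
 * right to change them; calling setuid() first leaves the old groups behind,
 * which is the defect described for 1.0.13. Returns 0 on success, -1 with
 * errno set on failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(1, &gid) != 0) return -1;   /* replace inherited groups */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    /* Verify the drop: it must not be reversible and must leave no extras. */
    if (uid != 0 && setuid(0) == 0) { errno = EPERM; return -1; }
    if (supplementary_groups_leftover(gid) != 0) { errno = EPERM; return -1; }
    return 0;
}

int main(void)
{
    /* Without privilege, setgroups() fails with EPERM; run as root to see the switch. */
    uid_t uid = getuid();
    gid_t gid = getgid();
    if (drop_privileges(uid, gid) == 0)
        printf("now uid=%u gid=%u, no leftover supplementary groups\n",
               (unsigned)uid, (unsigned)gid);
    else
        perror("drop_privileges");
    return 0;
}
```

The verification step at the end of drop_privileges is what turns a silent failure into a hard error: a daemon that still holds the starting user's groups, or that can call setuid(0) again, has not actually dropped anything.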

Version 1.0.14 has a fix in icmp.c that will make it build properly
on FreeBSD and older Linux systems.

Version 1.0.15 is mostly a bugfix release. It also has a new option:
randomize_recs in the global section.

Version 1.1.0 introduces negative caching, pdnsd-ctl enhancements and
much improved FreeBSD support. The cache file format has changed from
prior releases. Some configuration defaults have changed, too.

Version 1.1.1 fixes a possible race condition in status socket creation.
This race might be used by a local attacker to change the access
permissions of a certain file in /tmp. The risk of this is probably
negligible. The default setup uses a non-privileged user, default mode
0600, and the status socket is disabled normally, so this should be
relatively safe. I don't see any possibility to exploit this; it is
more of a paranoia fix.
There are also some other minor fixes and documentation improvements.
Upgrade is recommended.
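The 0.9.11 entry (a cache file that was world writeable by default) and the 1.1.1 entry just above come down to the same rule: a file or socket should come into existence with its final restrictive mode, rather than being created and then tightened with chmod(), because the interval between the two calls is exactly the window a local user can race. The following C code is an added example, not pdnsd's own code; the function names, the temporary directory and the modes are assumptions.

```c
/* Added example, not pdnsd code: create a status socket and a cache file with
 * their final restrictive mode from the moment they exist, so there is no
 * chmod() window. Names, paths and modes are assumptions. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Return the permission bits of path, or -1 if it does not exist. */
int path_mode(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    return (int)(st.st_mode & 0777);
}

/* Bind a listening unix socket at path. The mode is enforced through umask
 * before bind() creates the socket file, not by chmod() afterwards. umask is
 * process-wide, so do this before starting worker threads. Afterwards the
 * path is checked to be our own socket with exactly the requested mode.
 * Returns the fd, or -1 with errno set. */
int create_status_socket(const char *path, mode_t mode)
{
    struct sockaddr_un sa;
    if (strlen(path) >= sizeof sa.sun_path) { errno = ENAMETOOLONG; return -1; }
    memset(&sa, 0, sizeof sa);
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);

    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    mode_t old = umask(~mode & 0777);
    int rc = bind(fd, (struct sockaddr *)&sa, sizeof sa);
    umask(old);
    if (rc != 0 || listen(fd, 5) != 0) { int e = errno; close(fd); errno = e; return -1; }

    struct stat st;
    if (lstat(path, &st) != 0 || !S_ISSOCK(st.st_mode) || st.st_uid != geteuid()
        || (st.st_mode & 0777) != mode) {
        close(fd); unlink(path); errno = EPERM; return -1;
    }
    return fd;
}

/* Create a new owner-only cache file. O_EXCL refuses a pre-existing file or
 * a symlink planted at the path, and 0600 is the mode from the start. */
int create_private_file(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Self-check in a private temporary directory (constructed path). Returns 0
 * when both objects came into existence with mode 0600 and a second
 * creation of the file is refused; bits 2/4/8 flag which step failed. */
int demo_secure_creation(void)
{
    char dir[] = "/tmp/pdnsd-news-example-XXXXXX";
    if (mkdtemp(dir) == NULL) return 1;
    char sock[128], cache[128];
    snprintf(sock, sizeof sock, "%s/status", dir);
    snprintf(cache, sizeof cache, "%s/cache", dir);

    int result = 0;
    int sfd = create_status_socket(sock, 0600);
    if (sfd < 0 || path_mode(sock) != 0600) result |= 2;
    int cfd = create_private_file(cache);
    if (cfd < 0 || path_mode(cache) != 0600) result |= 4;
    if (create_private_file(cache) != -1 || errno != EEXIST) result |= 8;

    if (sfd >= 0) close(sfd);
    if (cfd >= 0) close(cfd);
    unlink(sock); unlink(cache); rmdir(dir);
    return result;
}

int main(void)
{
    int rc = demo_secure_creation();
    printf("secure creation check: %s (code %d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

The post-bind lstat() check is the detection half of the fix: if the entry at the path is not a socket owned by the daemon with the expected mode, something else got there first, and refusing to proceed is safer than serving control commands over it.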

Version 1.1.2 has a fix for a bug that could cause SERVFAIL to be
returned when NXDOMAIN would be appropriate. The bug surfaced only when
pdnsd queried name servers with a behaviour different from BIND's in the
NXDOMAIN case, e.g. pdnsd querying another pdnsd, or djbdns.

Version 1.1.3 adds contrib/ and has a lot of robustness fixes.
This release addresses a security hole that affects only Linux systems. Due to
a bug in glibc, pdnsd could crash during a port scan. This release contains
a workaround for this, as well as a fix for a deadlock under heavy load
conditions. It also fixes a possible problem that could be triggered by
malicious servers, and contains numerous bug fixes.
A script, contributed by Marko Stolle, makes pdnsd useful in a DHCP setup.
pdnsd also preserves the case of names in the cache, and should work much
better on Alpha machines (thanks to the contributions by Bjoern Fischer
and P.J. Bostley that made this possible). New types were added for rr
sections and pdnsd-ctl.
Upgrade is recommended.

Version 1.1.4 fixes various smaller bugs, and should also improve the cache
write performance, especially for larger caches. There are also two new
features: servers can now be given a label (using the label server option)
which can be used to identify them for the pdnsd-ctl server command
(contributed by Andrew M. Bishop), and local records can be marked to make
the domain record authoritative in pdnsd's cache (which means that pdnsd will
assume that records that are not present in the cache for that domain are
non-existent); this is on by default now, and can be controlled using the new
authrec server option.

Version 1.1.5 contains a fix for a security bug that would allow local users
that are allowed to use pdnsd-ctl on a running pdnsd server to execute
arbitrary code as the user that pdnsd runs as (or on Linux, when strict_setuid
is not enabled, as the user that started pdnsd). The danger of this is usually
quite limited: the status socket is not enabled by default, its default
permissions only allow the user pdnsd runs as to use the socket,
strict_setuid is enabled by default, and pdnsd runs as an unprivileged user.
There is also a new configure option, --enable-underscores, that will make
pdnsd allow underscores in domain names. Furthermore, the SRV record handling
has been fixed to allow underscores in any case (this was not allowed
previously, but is required by the RFC). SOA records are not put in the
answer section any more if no answers are found (this violates the RFCs).
They may be put in the authority section in a later version.
There are also various bugfixes in this release.
Upgrade is recommended.

Version 1.1.6 adds the query_port_start and query_port_end options (contributed
by Andreas Steinmetz), that allow confining the ports pdnsd uses for outgoing
queries to a certain range. It also fixes numerous bugs, one of which could
cause pdnsd to hang; update is therefore recommended.

Version 1.1.7 fixes some problems that might be remotely exploitable to
gain access as the user pdnsd runs as (an unprivileged user by default). To do
this, an attacker needs to control a name server that is queried by pdnsd, and
send a malicious reply to such a query. Upgrading is strongly recommended!
There are also minor bug fixes and stability improvements.

Version 1.1.7a fixes a reversed assertion that would cause pdnsd to terminate
if used with the ping uptest. No other changes were made.
