Changelogs for 4.6.x
====================

.. changelog::
  :version: 4.6.4
  :released: 9th of December 2022

  This is release 4.6.4 of the Authoritative Server.
  It contains various small fixes.

  .. change::
    :tags: Bug Fixes
    :pullreq: 12303

    pdnsutil edit-zone, detect capitalization changes in LUA, TXT and SPF records

  .. change::
    :tags: Bug Fixes
    :pullreq: 11945

    initialize zone cache after dropping privileges; Detect invalid bytes in makeBytesFromHex()  (Kees Monshouwer)

  .. change::
    :tags: Bug Fixes
    :pullreq: 12035

    Log "NULL" for nullptr-bound properties instead of dereferencing

  .. change::
    :tags: Bug Fixes
    :pullreq: 12033

    LUA records: we only need one IsUpOracle checker thread

  .. change::
    :tags: Bug Fixes
    :pullreq: 12031

    axfr-retriever: abort on chunk with TC set

  .. change::
    :tags: Improvements
    :pullreq: 11978

    docker: upgrade to bullseye

  .. change::
    :tags: Bug Fixes
    :pullreq: 11871

    use getInnerRemote() for the remotes ring


.. changelog::
  :version: 4.6.3
  :released: 13th of July 2022

  This is version 4.6.3 of the Authoritative Server.
  It contains a few bug fixes, and marks the appearance of Ubuntu Jammy packages for the 4.6 branch.

  .. change::
    :tags: Bug Fixes
    :pullreq: 11765

    fix deleteDomain() in lmdb backend (Kees Monshouwer)

  .. change::
    :tags: Bug Fixes
    :pullreq: 11746

    RFC2136: match autosplit TXT correctly

.. changelog::
  :version: 4.6.2
  :released: 12th of April 2022

  This is version 4.6.2 of the Authoritative Server.
  It contains a carefully selected set of new features, plus a few bug fixes.

  .. change::
    :tags: Improvements, New Features
    :pullreq: 11406

    LMDB backports:

    * each LMDB database now gets a UUID
    * lmdbbackend can now (optionally: :ref:`settings-lmdb-random-ids`) use random IDs instead of incremental IDs for objects
    * LMDB map size is now configurable (:ref:`settings-lmdb-map-size`)
    * one uninitialised memory issue that was fixed

  .. change::
    :tags: New Features
    :pullreq: 11409

    API: fetch individual rrsets

  .. change::
    :tags: Bug Fixes, Enhancements
    :pullreq: 11407

    fix proxy protocol query statistics and add more detailed latency metrics

  .. change::
    :tags: New Features
    :pullreq: 11408

    LUA: add ifurlextup function

.. changelog::
  :version: 4.6.1
  :released: 25th of March 2022

  This is a security fix release for :doc:`PowerDNS Security Advisory 2022-01 <../security-advisories/powerdns-advisory-2022-01>`.
  Additionally, because CentOS 8 is End Of Life now, we have switched those builds to Oracle Linux 8. The resulting packages are compatible with RHEL and all derivatives.

  .. change::
    :tags: Bug Fixes
    :pullreq: 11455

    Fix validation of incremental zone transfers (IXFRs).

.. changelog::
  :version: 4.6.0
  :released: 25th of January 2022

  This is version 4.6.0 of the Authoritative Server.

  This release contains a ton of improvements and bug fixes compared to 4.5, and a couple of user visible changes.

  New features:

  * support for incoming PROXY headers
  * support for EDNS Cookies
  * autoprimary management via pdnsutil and the API

  Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading.

  Compared to 4.6.0-rc1, this release contains a couple bug fixes and a small improvement.

  .. change::
    :tags: Bug Fixes
    :pullreq: 11205

    Fix swagger/openapi spec for new autoprimary management interface

  .. change::
    :tags: Bug Fixes
    :pullreq: 11220

    fix multiple CDS records in an AXFR (Kees Monshouwer)

  .. change::
    :tags: Improvements
    :pullreq: 11206

    show QType by name in log message (Chris Hofstaedtler)

.. changelog::
  :version: 4.6.0-rc1
  :released: 14th of January 2022

  This is version 4.6.0-rc1 of the Authoritative Server.
  This release contains a ton of improvements and bug fixes compared to 4.5, and a couple of user visible changes.

  New features:

  * support for incoming PROXY headers
  * support for EDNS Cookies
  * autoprimary management via pdnsutil and the API

  Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading.

  Compared to 4.6.0-beta1, this release contains one new feature (autoprimary management via API and pdnsutil) and a bunch of bug fixes.

  .. change::
    :tags: Improvements
    :pullreq: 11160

    add zone removal to the zone cache (Kees Monshouwer)

  .. change::
    :tags: Bug Fixes
    :pullreq: 11145

    pdnsutil edit-zone: fix n and e behaviour on increase-serial prompt

  .. change::
    :tags: Bug Fixes
    :pullreq: 11159

    lmdb: check if the lookup name is part of the zone (Kees Monshouwer)

  .. change::
    :tags: New Features
    :pullreq: 11161

    add autoprimary management in API & pdnsutil

  .. change::
    :tags: Bug Fixes
    :pullreq: 11139

    lmdb: fix records removal in deleteDomain(); improve tcp exception handling

  .. change::
    :tags: Improvements
    :pullreq: 11093

    docker images: Remove capability requirements

.. changelog::
  :version: 4.6.0-beta1
  :released: 9th of December 2021

  This is version 4.6.0-beta1 of the Authoritative Server.
  This release contains a ton of improvements and bug fixes compared to 4.5, and a couple of user visible changes.

  New features:

  * support for incoming PROXY headers
  * support for EDNS Cookies

  Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading.

  Compared to 4.6.0-alpha1, the major user visible change is the new NSEC3PARAM settings (again, see the upgrade docs).
  Besides that, see below for various fixes.

  .. change::
    :tags: Bug Fixes
    :pullreq: 11068

    prevent bind-hybrid+zone-cache

  .. change::
    :tags: Improvements
    :pullreq: 11067

    pdnsutil: skip SHA1 DSes except in verbose mode

  .. change::
    :tags: Improvements
    :pullreq: 11066

    add zone to zone cache on flush API endpoint

  .. change::
    :tags: Bug Fixes
    :pullreq: 10982

    Condition to HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV is reversed.
    During build, the runtime directory in the service files for virtual-hosting are now correctly generated.

  .. change::
    :tags: Improvements
    :pullreq: 11012

    new default nsec3param settings

  .. change::
    :tags: Bug Fixes
    :pullreq: 10981

    dnsupdate/2136: apply new TTL to whole RRset, not only to the added record

  .. change::
    :tags: Bug Fixes
    :pullreq: 10941

    bindbackend: skip rejected zones during list and search

  .. change::
    :tags: Bug Fixes
    :pullreq: 10963

    make the zone cache more robust for bad data and save some SOA queries for DNSSEC zones (Kees Monshouwer)

  .. change::
    :tags: Improvements
    :pullreq: 10959

    api, check qtype location (Kees Monshouwer)

  .. change::
    :tags: Improvements
    :pullreq: 10865

    put some json on /api/v1

  .. change::
    :tags: Bug Fixes
    :pullreq: 10951

    improve dnsname exception handling for SOA records (Kees Monshouwer)

  .. change::
    :tags: Improvements
    :pullreq: 10919

    Add more UDP error metrics (checksum, IPv6)

  .. change::
    :tags: Improvements
    :pullreq: 10901

    ZoneParserTNG: Stricter checks when loading a zone file

  .. change::
    :tags: Improvements
    :pullreq: 10891

    Implement fd-usage metric for OpenBSD

.. changelog::
  :version: 4.6.0-alpha1
  :released: 7th of October 2021

  This is version 4.6.0-alpha1 of the Authoritative Server.
  This release contains a ton of improvements and bug fixes compared to 4.5, and a couple of user visible changes.

  New features:
  
  * support for incoming PROXY headers
  * support for EDNS Cookies

  Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading.

  .. change::
    :tags: Improvements
    :pullreq:  10727

    SVCB: Accept known SVCParams in generic format

  .. change::
    :tags: New Features
    :pullreq:  10289

    Implement EDNS cookies

  .. change::
    :tags: Improvements
    :pullreq:  10653

    Convert locks to LockGuarded

  .. change::
    :tags: Improvements
    :pullreq:  10157

    Move to hashed passwords for the web interface

  .. change::
    :tags: New Features
    :pullreq:  10660

    incoming PROXY support

  .. change::
    :tags: Improvements
    :pullreq:  10484

    remove randombackend (Kees Monshouwer)

  .. change::
    :tags: Bug Fixes
    :pullreq:  10672

    lmdb-safe: resizing while there might be open transactions is unsafe

  .. change::
    :tags: Bug Fixes
    :pullreq:  10642

    checkKey: handle NULL error string from OpenSSL more gracefully

  .. change::
    :tags: Improvements
    :pullreq: 10780

    remove attodot feature; fixes #10254

  .. change::
    :tags: Bug Fixes
    :pullreq: 10788

    improve SOA parse exception handling (Kees Monshouwer)

  .. change::
    :tags: Improvements
    :pullreq: 10562

    auth NOTIFY: log names of NSes we could not resolve

  .. change::
    :tags: Improvements
    :pullreq: 10779

    pdns_control man page: fix copy+paste for decrypt (Josh Soref)

  .. change::
    :tags: Bug Fixes
    :pullreq: 10748

    try to reload rejected zones in bind-backend (Kees Monshouwer)

  .. change::
    :tags: Bug Fixes
    :pullreq: 10231

    send YXDOMAIN for too long DNAME synth

  .. change::
    :tags: Improvements
    :pullreq: 10770

    Gracefully handle uncaught exceptions in the UDP path

  .. change::
    :tags: Improvements
    :pullreq: 10749

    add cookie counters (Kees Monshouwer)
