|
| 1 | +07/21/2024 |
| 2 | + - 3.6.0 released |
| 3 | + - Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw) |
| 4 | + Lookup and LookupSession do not sanitize input properly, |
| 5 | + allowing to smuggle additional responses, even with DNSSEC. |
| 6 | + I would like to thank Thomas Bellebaum from Fraunhofer AISEC |
| 7 | + (@bellebaum) and Martin Schanzenbach (@schanzen) for reporting |
| 8 | + and assisting me with this issue. |
| 9 | + - Fix CVE-2023-50387 (GHSA-crjg-w57m-rqqf) |
| 10 | + Denial-of-Service Algorithmic Complexity Attacks (KeyTrap) |
| 11 | + - Fix CVE-2023-50868 (GHSA-mmwx-rj87-vfgr) |
| 12 | + NSEC3 closest encloser proof can exhaust CPU resources (KeyTrap) |
| 13 | + - Fix running all DNSSEC on the specified executor |
| 14 | + - Add new DNSSEC algorithm constants for SM2SM3 and ECC-GOST12 |
| 15 | + - Add A/AAAA record constructor with IP address byte array |
| 16 | + - Validate DS record digest lengths (#250) |
| 17 | + - Fix NPE in SimpleResolver on invalid responses (#277) |
| 18 | + - Add support for JEP 418: Internet-Address Resolution SPI (#290) |
| 19 | + - Full JPMS support (#246) |
| 20 | + - Pluggable I/O for SimpleResolver |
| 21 | + (@chrisruffalo, #253) |
| 22 | + - UDP port leak in SimpleResolver (#318) |
| 23 | + - Fix clean shutdown in app containers when never used (#319) |
| 24 | + - Fix concurrency issue in I/O clients (#315, #323) |
| 25 | + - LookupSession doesn't cache CNAMEs (#316) |
| 26 | + - SimpleResolver can fail with UPDATE response (#322) |
| 27 | + - Replace synchronization in Zone with locks |
| 28 | + (#305, based on work from @srijeet0406 in #306) |
| 29 | + |
1 | 30 | 11/11/2023 |
2 | 31 | - 3.5.3 released |
3 | 32 | - Fix CNAME in LookupSession (#279) |
|
28 | 57 | - Add full built-in support for DNSSEC based on dnssecjava (#209) |
29 | 58 | - Make Record classes serializable again (#242) |
30 | 59 | - Allow SVCB ServiceMode records without params |
31 | | - (#244, @adam-stoler) |
| 60 | + (#244, @adam-stoler) |
32 | 61 | - Fix TCPClient receive timeouts |
33 | | - (#218 @nguydavi, #219) |
| 62 | + (#218 @nguydavi, #219) |
34 | 63 |
|
35 | 64 | 12/05/2021 |
36 | 65 | - 3.4.3 released |
|
82 | 111 | - 3.3.1 released |
83 | 112 | - Fix value of getAlias in C/DNameRecord (#136) |
84 | 113 | - Fix bug with SVCB/HTTPS parsing of master file format |
85 | | - (PR#135, @adam-stoler) |
| 114 | + (PR#135, @adam-stoler) |
86 | 115 |
|
87 | 116 | 09/27/2020 |
88 | 117 | - 3.3.0 released |
|
145 | 174 | - 3.0.0-next.1 released |
146 | 175 | - Requires Java 8 and slf4j-api |
147 | 176 | - Adds support for Java 9+ and Android O+ via a new server config |
148 | | - lookup system (#6, #9, |
| 177 | + lookup system (#6, #9) |
149 | 178 | - Resolving is now fully asynchronous, no new thread per query anymore |
150 | 179 | - Message provides information about the resolver that produced it (#41) |
151 | 180 | - Add support for Host Identity Protocol (HIP) records (RFC 8005, #47) |
|
460 | 489 | - The TSIG verification routines (TSIG.verify, |
461 | 490 | TSIG.StreamVerifier.verify() now update the Message object with the |
462 | 491 | status of the verification in addition to returning the status. |
463 | | - |
| 492 | + |
464 | 493 | 6/03/2009 |
465 | 494 | - The lists of servers and searchlist entries in ResolverConfig should |
466 | 495 | not be static. |
|
695 | 724 |
|
696 | 725 | 5/7/2005 |
697 | 726 | - Fix several problems with empty names. |
698 | | - (Matt Rutherford <rutherfo@cs.colorado.edu>) |
| 727 | + (Matt Rutherford <rutherfo@cs.colorado.edu>) |
699 | 728 |
|
700 | 729 | 4/23/2005 |
701 | 730 | - As per RFC 2181, the maximum allowed TTL value is 0x7FFFFFFF. |
|
1119 | 1148 | - Converting some types of records (TXT, for example) to wire format |
1120 | 1149 | could throw an IndexOutOfBoundsException. |
1121 | 1150 | - TSIG signed UDP queries weren't properly verified by jnamed. |
1122 | | - - Add a method to render a Message with a specified maximum size - |
| 1151 | + - Add a method to render a Message with a specified maximum size - |
1123 | 1152 | this method will properly truncate large responses and apply |
1124 | 1153 | TSIG signatures. |
1125 | 1154 |
|
|
1185 | 1214 |
|
1186 | 1215 | 10/6/2002 |
1187 | 1216 | - Fix minor bugs in Name code (Bob Halley <bob.halley@nominum.com>) |
1188 | | - |
| 1217 | + |
1189 | 1218 | 10/1/2002 |
1190 | 1219 | - Memory usage and speed improvements to the TypeMap class. |
1191 | 1220 |
|
|
1418 | 1447 | (Christopher Fitch <cfitch@sbti.com>) |
1419 | 1448 | - Added a routine to build a SIG record based on the results of |
1420 | 1449 | a DSA signature (Pasi Eronen <pe@iki.fi>) |
1421 | | - |
| 1450 | + |
1422 | 1451 | 8/13/2000 |
1423 | 1452 | - Added 'clear' command to update client |
1424 | 1453 | - Removed some deprecated code |
|
1688 | 1717 | 5/13/1999 |
1689 | 1718 | - split WorkerThread into WorkerThread and ResolveThread |
1690 | 1719 |
|
1691 | | -4/25/1999 |
| 1720 | +4/25/1999 |
1692 | 1721 | - moved files to org.xbill.DNS |
1693 | 1722 | - Cache round-robins RRsets before handing them out |
1694 | 1723 | - changed the way ExtendedResolver decides when to send queries |
1695 | 1724 | - various reflection changes |
1696 | 1725 |
|
1697 | | -4/21/1999 |
| 1726 | +4/21/1999 |
1698 | 1727 | - minor WorkerThread fixes |
1699 | 1728 |
|
1700 | | -4/19/1999 |
| 1729 | +4/19/1999 |
1701 | 1730 | - 0.9.1 released |
1702 | 1731 | - WorkerThreads should die after 15 minutes of idle time |
1703 | 1732 | - Address.getByName/getAllByName handle dotted quad IP addresses |
1704 | 1733 |
|
1705 | | -4/18/1999 |
| 1734 | +4/18/1999 |
1706 | 1735 | - 0.9 released |
1707 | 1736 | - Finished javadoc-ing classes in DNS.* |
1708 | 1737 | - Server should work now |
|
0 commit comments