Release Notes: This release fixes the TSIG validation code that contained a possible weakness in the digest comparison. This has no huge security impact, but was worth fixing as soon as possible.
Release Notes: This release adds bugfixes, support for including a whole directory in 1.4.3, logging of remote control commands, a more lightweight "knotc reload" which doesn't reload unchanged zones, and "knotc -f refresh" to force zone retransfers in 1.4.4.
Release Notes: The most important highlight in this release is the automatic DNSSEC signing (a technology preview). It also reduces the memory footprint (up to 35% for large zones).
Release Notes: This release candidate added IDN support in Knot utilities, and in DNSSEC, support for the GOST algorithm. A crash in additional section processing, a race condition in event cancellation, journal corruption after failed transactions, and detection of ECDSA support for DNSSEC were identified and fixed. Memory consumption was optimized even more, and DNS Server Benchmarks (results and source code) were released.
Release Notes: This maintenance release fixes a crash in a particular additional section processing, a race condition in event cancellation, and a journal corruption after failed transactions.
Release Notes: This release fixes a few important bugs, e.g. in query processing or notify messages being ignored in some cases. There are a few touch-ups in the documentation and zone loading.
Release Notes: A new configuration option for max EDNS0 UDP payload was added. A bug causing the max payload to limit some TCP responses was fixed. Building on SLE 10 and a problem with reloading when files included in the configuration file were not closed have been fixed.
Release Notes: This release fixed responses with NSID containing extra bytes after reload. The list of remotes is now scanned for longest prefix match first. Support for multipacket TSIG signatures for transfers was added, and incorrectly parsed TSIG key secrets without quotes were fixed. autoconf checks for extended instruction sets were removed because they were breaking older hardware.
Release Notes: There are now defaults for CH TXT id.server,version.server. Bootstrap of many zones is now much faster. You can now use the ./configure --with-configdir option for the default config path. A new utility was provided for estimating memory consumption (see 'knotc memstats'). A PID file is no longer created when running in the foreground.
Release Notes: This release adds a new tool to estimate memory consumption, which is now available as a "knotc memstats", changed handling of PIDs (the PID file is now created only when running the daemon in the background), support for Unix sockets for daemon control (enabled by default), a new parser written in Ragel (fast enough that there's no need to precompile the zones, and reducing the memory foot print of the daemon), and the new DNS utilities kdig, khost, and knsupdate.