fed34e531e
--- 9.16.42 released --- 6192. [security] A query that prioritizes stale data over lookup triggers a fetch to refresh the stale data in cache. If the fetch is aborted for exceeding the recursion quota, it was possible for 'named' to enter an infinite callback loop and crash due to stack overflow. This has been fixed. (CVE-2023-2911) [GL #4089] 6190. [security] Improve the overmem cleaning process to prevent the cache going over the configured limit. (CVE-2023-2828) [GL #4055] 6183. [bug] Fix a serve-stale bug where a delegation from cache could be returned to the client. [GL #3950] 6173. [bug] Properly process extra "nameserver" lines in resolv.conf otherwise the next line is not properly processed. [GL #4066] 6169. [bug] named could crash when deleting inline-signing zones with "rndc delzone". [GL #4054] --- 9.16.41 released --- 6157. [bug] When removing delegations in an OPTOUT range empty-non-terminal NSEC3 records generated by those delegations were not removed. [GL #4027] --- 9.16.40 released --- 6142. [bug] Reduce the number of dns_dnssec_verify calls made determining if revoked keys needs to be removed from the trust anchors. [GL #3981] 6138. [doc] Fix the DF-flag documentation on the outgoing UDP packets. [GL #3710] 6132. [doc] Remove a dead link in the DNSSEC guide. [GL #3967] 6129. [cleanup] Value stored to 'source' during its initialization is never read. [GL #3965] 6124. [bug] When changing from a NSEC3 capable DNSSEC algorithm to an NSEC3 incapable DNSSEC algorithm using KASP the zone could sometimes be incompletely signed. [GL #3937] 5741. [bug] Log files with "timestamp" suffixes could be left in place after rolling, even if the number of preserved log files exceeded the configured "versions" limit. [GL #828] [GL #3959] --- 9.16.39 released --- 6119. [bug] Make sure to revert the reconfigured zones to the previous version of the view, when the new view reconfiguration fails during the configuration of one of the configured zones. [GL #3911] 6116. [bug] Fix error path cleanup issue in the dns_catz_new_zones() function. [GL #3900] 6115. [bug] Unregister db update notify callback before detaching from the previous db inside the catz update notify callback. [GL #3777] 6105. [bug] Detach 'rpzs' and 'catzs' from the previous view in configure_rpz() and configure_catz(), respectively, just after attaching it to the new view. [GL #3880] 6098. [test] Don't test HMAC-MD5 when not supported by libcrypto. [GL #3871] 6095. [test] Test various 'islands of trust' configurations when using managed keys. [GL #3662] 6094. [bug] Building against (or running with) libuv versions 1.35.0 and 1.36.0 is now a fatal error. The rules for mixing and matching compile-time and run-time libuv versions have been tightened for libuv versions between 1.35.0 and 1.40.0. [GL #3840] --- 9.16.38 released --- 6083. [bug] Fix DNSRPS-enabled builds as they were inadvertently broken by change 6042. [GL #3827] 6081. [bug] Handle primary server address lookup failures in nsupdate more gracefully. [GL #3830] 6080. [bug] 'named -V' leaked memory. [GL #3829] 6079. [bug] Force set the DS state after a 'rdnc dnssec -checkds' command. [GL #3822] 6075. [bug] Add missing node lock when setting node->wild in add_wildcard_magic. [GL #3799] 6072. [bug] Avoid the OpenSSL lock contention when initializing Message Digest Contexts by using explicit algorithm fetching, initializing static contexts for every supported algorithms, and initializing the new context by copying the static copy. [GL #3795] 6069. [bug] Detach from the view in zone_shutdown() to release the memory held by the dead view early. [GL #3801] |
||
|---|---|---|
| bin | ||
| common | ||
| compat | ||
| crypto | ||
| dist/pf | ||
| distrib | ||
| doc | ||
| etc | ||
| external | ||
| games | ||
| include | ||
| lib | ||
| libexec | ||
| regress | ||
| rescue | ||
| sbin | ||
| share | ||
| sys | ||
| tests | ||
| tools | ||
| usr.bin | ||
| usr.sbin | ||
| BUILDING | ||
| Makefile | ||
| Makefile.inc | ||
| README.md | ||
| UPDATING | ||
| build.sh | ||
README.md
NetBSD
NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices.
Building
You can cross-build NetBSD from most UNIX-like operating systems. To build for amd64 (x86_64), in the src directory:
./build.sh -U -u -j4 -m amd64 -O ~/obj release
Additional build information available in the BUILDING file.
Binaries
Testing
On a running NetBSD system:
cd /usr/tests; atf-run | atf-report
Troubleshooting
- Send bugs and patches via web form.
- Subscribe to the mailing lists. The netbsd-users list is a good choice for many problems; watch current-users if you follow the bleeding edge of NetBSD-current.
- Join the community IRC channel #netbsd @ libera.chat.
Latest sources
To fetch the main CVS repository:
cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P src
To work in the Git mirror, which is updated every few hours from CVS:
git clone https://github.com/NetBSD/src.git