BIND 9.3.2 Release Notes (5900-1746, September 2011)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software

Table 9 Defects Fixed in both HP-UX 11i v1 and HP-UX 11i v2 Operating Systems (continued)

DescriptionIdentifier

While reloading the server using rndc(1), named(1M) consumes more memory.QXCR1001079458

While using recursive resolvers with the DNSSEC validation option enabled, the

DNSSEC query to the nameserver returns a message of SERVFAIL or validation failure.

QXCR1001092088

When old signatures are retained in the named cache, validation failures occur.QXCR1001092086

Defects fixed in BIND 9.3.2 (C.9.3.2.7.0)

The named daemon does not behave as expected for certain messages.QXCR1000952300

The nameserver caches invalid responses from the additional section of the response

packet while processing recursive client queries.

QXCR1000991848

The nameserver sometimes returns invalid CNAME or DNAME responses.QXCR1001009615

The nameserver sometime returns invalid NXDOMAIN responses.QXCR1001004094

When named is started in a chroot environment, the following error is displayed:

open(/dev/poll) failed:No such file or directory

QXCR1000962881

Defects fixed in BIND 9.3.2 (C.9.3.2.4.0)

Some DNS responses arriving at the host are not being delivered to the /usr/sbin/

named process but instead are directed to other processes running on the same host.

QXCR1000848700

The TCP accept() call fails to create the new connection socket and logs one of the

following errors:

internal accept: accept() failed: Too many open files

internal_accept: fcntl() failed: Too many open files

QXCR1000879111

The closure criteria for sockets lead to inconsistent states in the socket module.QXCR1000848714

Using the rrset-order option with value fixed in the /etc/named.conf file

displays the following error message:

rrset-order: order 'fixed' not fully implemented.

QXCR1000886576

The return values from the OpenSSL library functions are not checked properly in DNS

code.

QXCR1000893386

Some filesets are not installed when BIND 9.3.2 is upgraded to a higher version.QXCR1000874093

DNSSEC Lookaside Validation (DLV) processing does not handle unknown signature

algorithms correctly.

QXCR1000924015

Defects fixed in BIND 9.3.2 (C.9.3.2.3.0)

The rndc recursing output file named.recursing contains old data.QXCR1000577501

Forgery resilience needs more improvements.QXCR1000821672

Defects fixed in BIND 9.3.2 (C.9.3.2.2.0)

Query ID generation is cryptographically weak.JAGag45362

Defects fixed in BIND 9.3.2 (C.9.3.2.1.0)

named(1M) does not handle queries of type ANY properly.JAGag32951

named(1M) aborts unexpectedly under certain circumstances.JAGag32950

Under certain circumstances, DNSSEC utilities do not work properly.JAGag24093

Defects fixed in BIND 9.3.2 (C.9.3.2.0.0)

BIND does not handle SIG records properly.JAGag14593

16 BIND 9.3.2 Release Notes