Dear Knot Resolver users, Knot Resolver 5.3.2 has been released! Security -------- - validator: fix 5.3.1 regression on over-limit NSEC3 edge case (!1169) Assertion might be triggered by query/answer, potentially DoS. Improvements ------------ - cache: improve handling write errors from LMDB (!1159) - doh2: improve handling of stream errors (!1164) Bugfixes -------- - dnstap module: fix repeated configuration (!1168) - validator: fix SERVFAIL for some rare dynamic proofs (!1166) - fix SIGBUS on uncommon ARM machines (unaligned access; !1167, #426) - cache: better resilience on abnormal termination/restarts (!1172) - doh2: fix memleak on stream write failures (!1161) Full changelog: https://gitlab.nic.cz/knot/knot-resolver/raw/v5.3.2/NEWS Sources: https://secure.nic.cz/files/knot-resolver/knot-resolver-5.3.2.tar.xz GPG signature: https://secure.nic.cz/files/knot-resolver/knot-resolver-5.3.2.tar.xz.asc Documentation: https://knot-resolver.readthedocs.io/en/v5.3.2/ -- Tomas Krizek PGP: 4A8B A48C 2AED 933B D495 C509 A1FB A5F7 EF8C 4869