Release Notes for DNS Server

Domain Name System (DNS) helps users find Internet applications, computers, or other network devices by translating domain names into IP addresses. With DNS Server, your Synology Router can host multiple zones as well as provide name and IP address resolution services.

Version: 9.16.23-6118


(2022-04-06)

Fixed Issues

  1. Fixed an issue where DNS Server might not be able to accurately listen to the IP address changes of Synology NAS when Synology High Availability was updated.

Version: 9.16.23-6117


(2022-02-17)

Compatibility & Installation

  1. DNS Server 9.16.23 requires DSM 7.1 or versions above.

What's New

  1. Updated to BIND 9.16.23.

Fixed Issues

  1. Fixed an issue where the domain data of Windows Server 2003 could not be migrated to Synology Directory Server.
  2. Fix an issue where turning off IPv6 might cause the event "lame-servers network unreachable resolving" to repeatedly appear in the Log page and prevent domain names from being resolved properly.
  3. Fix an issue where domain names might not be resolved properly when more than two views were added to the AD zone.
  4. Fixed a security vulnerability regarding BIND (CVE-2021-25219).
  5. Minor bug fixes.

Version: 9.11.23-6093


(2021-08-31)

Important Note

  1. The update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on the region.

Fixed Issues

  1. Fixed an issue where existing keys could not be displayed on the Keys page after an update to DSM 7.0.
  2. Fixed an issue where existing zone settings might not be editable after an update to DSM 7.0.

Version: 9.11.23-6069


(2021-06-01)

Compatibility and Installation

  1. Updated to be compatible with DSM 7.0.

Version: 2.2.3-5028


(2021-02-23)

Important Note

  1. This update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on regions.

What's New

  1. Enhanced the capacity load of DNS lookups: the maximum number of concurrent sockets was increased to 4096.
  2. Supports wildcard characters (*) for the creation of resource records in AD-integrated zones.

Fixed Issues

  1. Minor bug fixes.

Known Issues & Limitations

  1. Only supports selecting all AD-integrated zones during a view creation.

Version: 2.2.2-5027


(2020-12-08)

Fixed Issues

  1. Fixed the issue where resource records in the AD-integrated zone could not be modified.
  2. Fixed the issue where editing SOA records might fail.
  3. Fixed the issue where the source IP list could not be configured during a view creation.
  4. Fixed the issue where TXT records with more than 255 characters could not be added, edited, or deleted in the AD-integrated zone.
  5. Fixed the issue where this package could not list more than 100 zones.
  6. Fixed multiple security vulnerabilities regarding BIND (Synology-SA-20:12).
  7. Fixed a security vulnerability (Synology-SA-20:27).

Version: 2.2.1-5024


(2020-05-13)

Fixed Issues

  1. Fixed the issue where resource records related to Active Directory Server (the package replaced by Synology Directory Server since DSM 6.2) might not work properly.

  2. Fixed the issue where DNS Server might cause the passive server in a Synology High Availability cluster running on DSM 6.2.2 or before to stop logging.

  3. Fixed the issue where DNS Server might stop running when the domain name of Synology Directory Server conflicts with the domain name of another zone.

  4. Fixed the issue where an error message fails to appear when the Zone Transfer Rule or the allowed Source IP List for Synology Directory Server's zone contains information other than host IP addresses.

  5. Fixed the issue where DNS Server might stop running when the domain name of a reverse zone for Synology Directory Server conflicts with the domain name of another reverse zone.

Version: 2.2.1-5023


(2020-04-15)

What's New

  1. Added support for listening on IP address changes and automatic updates of DNS host records in the AD-integrated zone upon any changes in the IP address of Synology NAS.

  2. Added support for limiting IP addresses for zone transfer and forwarding DNS records from Master zones to Slave zones when Synology Directory Server is activated.

Fixed Issues

  1. Fixed the issue where the registration of IP addresses to the AD-integrated zone might fail after Synology Directory Server is activated.

  2. Fixed the issue where DNS Server might stop logging events after Synology MailPlus Server is activated or stopped.

  3. Fixed the issue where the registration of email addresses in CAA resource records might fail when the CAA record type is iodef.

Version: 2.2.1-5014


(2019-04-29)
  1. Aligned display date and time formats with DSM.
  2. Minor bug fixes.

Version: 2.2.1-5012


(2018-08-29)

Fixed an issue where zones of specific Active Directory domain types might not display in resource records properly.

Version: 2.2.1-5010


(2018-05-23)

Thai user interface is now available.

Version: 2.2.1-5009


(2018-03-20)
  1. Enhanced the compatibility and stability of Active Directory Server and DNS Server.
  2. Refined log collection behavior and enhanced the stability of this function.

Version: 2.2.1-3079


(2017-12-13)
  1. Added support for CAA record to enhance certificate issuance security.
  2. You can now add, edit, and delete TXT records for Active Directory Server.
  3. Fixed an issue where DNS Server logs might be cleared upon restart of MailPlus Server.

Version: 2.2.1-3062


(2017-10-05)
  1. Added support for management of reverse zones in Active Directory Server.
  2. You can now batch edit A/AAAA resource records.
  3. Added function of log search.
  4. Fixed an issue where DNS update zones could not be included in more than one view.

Version: 2.2.1-3051


(2017-07-26)

Fixed a security vulnerability regarding DNS Server (CVE-2017-3142 and CVE-2017-3143).

Version: 2.2.1-3050


(2017-06-15)
  1. Fixed an issue where IPv6 subnet rules cannot be shown or edited on DNS Server.

Version: 2.2.1-3042


(2017-04-25)
  1. Fixed a security vulnerability (CVE-2017-3135, CVE-2017-3136, CVE-2017-3137, CVE-2017-3138).
  2. Added support for dynamic update of zone records.
  3. Added support for Active Directory Server to register DNS zone records automatically.
  4. Minor bug fixes.

Version: 2.2.0-3032


(2017-02-21)
  1. Fixed multiple security issues (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444 and CVE-2016-9778).
  2. Fixed an issue where editing/deleting TXT records might fail.

Version: 1.2.0-0130


(2016-08-22)
  1. Upgraded Bind9 to 9.9.9-P2 to address a security vulnerability (CVE-2016-2775).

Version: 1.2.0-0129


(2016-06-06)
  1. Upgraded to bind 9.9.8-P3.

Version: 1.1-0124


(2016-03-24)
  1. Fixed three security vulnerability (CVE-2015-8704, CVE-2016-1285, CVE-2016-1286).
  2. Fixed an issue that cache cannot be updated properly in forwarder zone.
  3. Minor bug fixes.

Version: 1.1-0123


(2016-03-03)
  1. Fixed one security vulnerability (CVE-2015-8704).
  2. Fixed an issue that cache cannot be updated properly in forwarder zone.
  3. Minor bug fixes.

Version: 1.1-0119


(2016-01-21)
  1. Upgraded bind to 9.9.8-P2 to fix security vulnerabilties (CVE-2015-8461 and CVE-2015-8000).

Version: 1.1-0113


(2015-10-13)
  1. Upgraded Bind9 to 9.9.7-P3 to address multiple security vulnerabilities (CVE-2015-5477, CVE-2015-5722, CVE-2015-5986).

Version: 9.11.31-1027


(2022-05-11)

Compatibility & Installation

  1. DNS Server 1.3 requires SRM 1.3 or above.

What's New

  1. Updated to Bind 9.11.31.
  2. Added support for searching the resource records of slave zones.
  3. Added support for enabling notifications regarding slave zones.

Fixed Issues

  1. Fixed multiple security vulnerabilities (CVE-2008-5743, CVE-2021-25214, and CVE-2021-25215).
  2. Minor bug fixes.

Version: 9.16.23-6118


(2022-04-06)

Fixed Issues

  1. Fixed an issue where DNS Server might not be able to accurately listen to the IP address changes of Synology NAS when Synology High Availability was updated.

Version: 9.16.23-6117


(2022-02-17)

Compatibility & Installation

  1. DNS Server 9.16.23 requires DSM 7.1 or versions above.

What's New

  1. Updated to BIND 9.16.23.

Fixed Issues

  1. Fixed an issue where the domain data of Windows Server 2003 could not be migrated to Synology Directory Server.
  2. Fix an issue where turning off IPv6 might cause the event "lame-servers network unreachable resolving" to repeatedly appear in the Log page and prevent domain names from being resolved properly.
  3. Fix an issue where domain names might not be resolved properly when more than two views were added to the AD zone.
  4. Fixed a security vulnerability regarding BIND (CVE-2021-25219).
  5. Minor bug fixes.

Version: 9.11.23-6093


(2021-08-31)

Important Note

  1. The update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on the region.

Fixed Issues

  1. Fixed an issue where existing keys could not be displayed on the Keys page after an update to DSM 7.0.
  2. Fixed an issue where existing zone settings might not be editable after an update to DSM 7.0.

Version: 9.11.23-6069


(2021-06-01)

Compatibility and Installation

  1. Updated to be compatible with DSM 7.0.

Version: 1.2-1008


(2021-05-11)

Important Note

  1. DNS Server 1.2-1008 requires SRM 1.2.4 or above.

Fixed Issues

  1. Fixed the issue where DHCP clients could not resolve external domain names. If DNS resolution has been disabled previously, the DNS Server of this version will automatically activate the resolution service and source IP limitation.
  2. Fixed an issue where domain names could not contain underlines (_).
  3. Fixed an issue where the IPv6 localhost address (::1) could not be entered in zone rules.
  4. Fixed an issue where error messages might be frequently displayed after an Internet connection via 4in6 MAP-E was established in Japan.
  5. Fixed multiple security vulnerabilities regarding BIND (CVE-2020-8616, CVE-2020-8617, and CVE-2020-8622).
  6. Minor bug fixes.

Version: 2.2.3-5028


(2021-02-23)

Important Note

  1. This update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on regions.

What's New

  1. Enhanced the capacity load of DNS lookups: the maximum number of concurrent sockets was increased to 4096.
  2. Supports wildcard characters (*) for the creation of resource records in AD-integrated zones.

Fixed Issues

  1. Minor bug fixes.

Known Issues & Limitations

  1. Only supports selecting all AD-integrated zones during a view creation.

Version: 2.2.2-5027


(2020-12-08)

Fixed Issues

  1. Fixed the issue where resource records in the AD-integrated zone could not be modified.
  2. Fixed the issue where editing SOA records might fail.
  3. Fixed the issue where the source IP list could not be configured during a view creation.
  4. Fixed the issue where TXT records with more than 255 characters could not be added, edited, or deleted in the AD-integrated zone.
  5. Fixed the issue where this package could not list more than 100 zones.
  6. Fixed multiple security vulnerabilities regarding BIND (Synology-SA-20:12).
  7. Fixed a security vulnerability (Synology-SA-20:27).

Version: 2.2.1-5024


(2020-05-13)

Fixed Issues

  1. Fixed the issue where resource records related to Active Directory Server (the package replaced by Synology Directory Server since DSM 6.2) might not work properly.

  2. Fixed the issue where DNS Server might cause the passive server in a Synology High Availability cluster running on DSM 6.2.2 or before to stop logging.

  3. Fixed the issue where DNS Server might stop running when the domain name of Synology Directory Server conflicts with the domain name of another zone.

  4. Fixed the issue where an error message fails to appear when the Zone Transfer Rule or the allowed Source IP List for Synology Directory Server's zone contains information other than host IP addresses.

  5. Fixed the issue where DNS Server might stop running when the domain name of a reverse zone for Synology Directory Server conflicts with the domain name of another reverse zone.

Version: 2.2.1-5023


(2020-04-15)

What's New

  1. Added support for listening on IP address changes and automatic updates of DNS host records in the AD-integrated zone upon any changes in the IP address of Synology NAS.

  2. Added support for limiting IP addresses for zone transfer and forwarding DNS records from Master zones to Slave zones when Synology Directory Server is activated.

Fixed Issues

  1. Fixed the issue where the registration of IP addresses to the AD-integrated zone might fail after Synology Directory Server is activated.

  2. Fixed the issue where DNS Server might stop logging events after Synology MailPlus Server is activated or stopped.

  3. Fixed the issue where the registration of email addresses in CAA resource records might fail when the CAA record type is iodef.

Version: 1.2-1003


(2019-07-24)

What's New

  1. Added support for enabling recursion by default to avoid conflict with SRM.

Version: 2.2.1-5014


(2019-04-29)
  1. Aligned display date and time formats with DSM.
  2. Minor bug fixes.

Version: 1.2-1002


(2018-10-04)

DNS Server 1.2-1002 is compatible with SRM1.2 and above.

Version: 2.2.1-5012


(2018-08-29)

Fixed an issue where zones of specific Active Directory domain types might not display in resource records properly.

Version: 1.1-0307


(2018-05-24)
  1. Fixed a security vulnerability regarding Bind (CVE-2017-3145).

Version: 2.2.1-5010


(2018-05-23)

Thai user interface is now available.

Version: 2.2.1-5009


(2018-03-20)
  1. Enhanced the compatibility and stability of Active Directory Server and DNS Server.
  2. Refined log collection behavior and enhanced the stability of this function.

Version: 2.2.1-3079


(2017-12-13)
  1. Added support for CAA record to enhance certificate issuance security.
  2. You can now add, edit, and delete TXT records for Active Directory Server.
  3. Fixed an issue where DNS Server logs might be cleared upon restart of MailPlus Server.

Version: 2.2.1-3062


(2017-10-05)
  1. Added support for management of reverse zones in Active Directory Server.
  2. You can now batch edit A/AAAA resource records.
  3. Added function of log search.
  4. Fixed an issue where DNS update zones could not be included in more than one view.

Version: 1.1-0304


(2017-09-27)
  1. Fixed an issue where DNS update zones could not be included in more than one view.

Version: 2.2.1-3051


(2017-07-26)

Fixed a security vulnerability regarding DNS Server (CVE-2017-3142 and CVE-2017-3143).

Version: 1.1-0302


(2017-07-13)
  1. Fixed multiple security vulnerabilities regarding Bind (CVE-2017-3142, CVE-2017-3143).

Version: 2.2.1-3050


(2017-06-15)
  1. Fixed an issue where IPv6 subnet rules cannot be shown or edited on DNS Server.

Version: 1.1-0301


(2017-04-27)
  • Added support for dynamic update.

  • Fixed multiple security vulnerabilities regarding Bind (CVE-2017-3135, CVE-2017-3136, CVE-2017-3137, CVE-2017-3138).

Version: 2.2.1-3042


(2017-04-25)
  1. Fixed a security vulnerability (CVE-2017-3135, CVE-2017-3136, CVE-2017-3137, CVE-2017-3138).
  2. Added support for dynamic update of zone records.
  3. Added support for Active Directory Server to register DNS zone records automatically.
  4. Minor bug fixes.

Version: 2.2.0-3032


(2017-02-21)
  1. Fixed multiple security issues (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444 and CVE-2016-9778).
  2. Fixed an issue where editing/deleting TXT records might fail.

Version: 1.1-0094


(2017-01-18)
  1. Fixed multiple security vulnerabilities regarding Bind (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2016-9778)

Version: 1.1-0093


(2017-01-12)
  1. Fixed a security vulnerability regarding Bind (CVE-2016-8864).

  2. Fixed a security vulnerability regarding Zone Transfer (CVE-1999-0532).

  3. Minor bug fixes.

Version: 1.1-0091


(2016-12-21)
  1. Fixed a security vulnerability regarding Bind (CVE-2016-2776).

Version: 1.1-0090


(2016-09-29)
  1. Minor bug fixes.

Version: 1.2.0-0130


(2016-08-22)
  1. Upgraded Bind9 to 9.9.9-P2 to address a security vulnerability (CVE-2016-2775).

Version: 1.1-0088


(2016-06-07)
  1. Upgraded to be compatible with SRM 1.1.

Version: 1.2.0-0129


(2016-06-06)
  1. Upgraded to bind 9.9.8-P3.

Version: 1.1-0124


(2016-03-24)
  1. Fixed three security vulnerability (CVE-2015-8704, CVE-2016-1285, CVE-2016-1286).
  2. Fixed an issue that cache cannot be updated properly in forwarder zone.
  3. Minor bug fixes.

Version: 1.1-0084


(2016-03-08)
  1. Upgraded to be compatible with SRM 1.0.2.

Version: 1.1-0123


(2016-03-03)
  1. Fixed one security vulnerability (CVE-2015-8704).
  2. Fixed an issue that cache cannot be updated properly in forwarder zone.
  3. Minor bug fixes.

Version: 1.1-0083


(2016-02-03)
  1. Upgraded BIND 9 to 9.9.8-P3 to address multiple security vulnerabilities (CVE-2015-8704, CVE-2015-8000, and CVE-2015-8461).
  2. Fixed an issue where cache will not be refreshed when creating/editing a forwarding zone.

Version: 1.1-0119


(2016-01-21)
  1. Upgraded bind to 9.9.8-P2 to fix security vulnerabilties (CVE-2015-8461 and CVE-2015-8000).

Version: 1.1-0080


(2015-12-10)

This is the initial release to add support for RT1900ac and DS216play.

  1. Upgraded Bind to 9.9.7-P3 to address multiple vulnerabilities (CVE-2015-5477, CVE-2015-5722, and CVE-2015-5986).

Version: 1.1-0113


(2015-10-13)
  1. Upgraded Bind9 to 9.9.7-P3 to address multiple security vulnerabilities (CVE-2015-5477, CVE-2015-5722, CVE-2015-5986).

Version: 1.1-0077


(2015-07-17)
  1. Fixed an issue where the Management Interface could not be displayed.
  2. Upgrade BIND to 9.9.7-P1 to address one security vulnerability (CVE-2015-4620).

Version: 1.1-0075


(2015-07-01)
  1. Stability enhancements.
  2. Minor bug fixes.

Version: 1.1-0070


(2015-05-12)
  1. Fixed an issue where DNS Server package fails to start after system reboot.
  2. Minor bug fixes.

Version: 1.1-0068


(2015-03-12)
  1. Fixed an issue where DNS server could not start after system reboot.

Version: 1.1-0066


(2015-02-06)
  1. Upgraded Bind to version 9.9.6-P1 to fix a security vulnerability that allowed remote attackers to use the weakness to perform DoS attacks (CVE-2014-8500).

Version: 1.1-0064


(2014-12-16)
  1. Enhanced security.

Version: 1.1-0059


(2014-12-09)
  1. Supports search and sort on all records.
  2. Minor bugs fixed.

Version: 1.1-0058


(2014-09-23)
  1. Certified by Synology Trust Level.

Improvements

  1. Supports IPv6.

Version: 1.1-0053


(2014-09-22)
  1. Fixed a security issue allowing denial of service attacks. (CVE-2014-0591)

Version: 1.0-0028


(2014-04-17)
  1. Fixed a security issue allowing denial of service attacks. (CVE-2014-0591)

Version: 1.1-0052


(2014-03-10)
  1. Updated to be compatible with DSM 5.0.

Version: 1.0-0027


(2013-08-27)
  1. Forwarding zones can now be created and managed.

Version: 1.0-0019


(2013-04-18)
  1. Now supports entering * and *.[domain] in the Owner field of some resource records.

Version: 1.0-0017


(2013-03-04)

The initial release of DNS server.