From b6e5859ee7be1a55704fad3542d58d2d447119fc Mon Sep 17 00:00:00 2001 From: Yong Tang Date: Mon, 8 Jun 2026 04:09:44 -0700 Subject: [PATCH] Add notes for 1.14.4 (#8153) This is part of the 8152 Signed-off-by: Yong Tang --- notes/coredns-1.14.4.md | 59 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 notes/coredns-1.14.4.md diff --git a/notes/coredns-1.14.4.md b/notes/coredns-1.14.4.md new file mode 100644 index 000000000..66c7715f5 --- /dev/null +++ b/notes/coredns-1.14.4.md @@ -0,0 +1,59 @@ ++++ +title = "CoreDNS-1.14.4 Release" +description = "CoreDNS-1.14.4 Release Notes." +tags = ["Release", "1.14.4", "Notes"] +release = "1.14.4" +date = "2026-06-09T00:00:00+00:00" +author = "coredns" ++++ + +This release improves transport security and operational flexibility, with +enhancements for DoH3 and DoQ, improved DNSSEC signing behavior, and support for +the loong64 architecture. It also adds configurable cache verification, hostname +resolution for forward targets, incoming connection support for dnstap, fallthrough +support in the secondary plugin, automatic zone reloads, and improved forwarding +behavior for NODATA responses. + +## Brought to You By + +Cedric Wang +Charlie Tonneslan +Dmytro Alieksieiev +Endre Szabo +Immanuel Tikhonov +Isolus +James R T +JUN YANG +Jöran Malek +Nicholas Amorim +Syed Azeez +Umut Polat +Ville Vesilehto +weiguozhang +Yong Tang +徐晓伟 + +## Noteworthy Changes + +* core: Add loong64 arch support (https://github.com/coredns/coredns/pull/8137) +* core: Bound HTTP/3 request header size for DoH3 (https://github.com/coredns/coredns/pull/8135) +* core: Expose TLS ConnectionState (SNI) for DoQ (https://github.com/coredns/coredns/pull/8129) +* core: Remove duplicate cipher suites (https://github.com/coredns/coredns/pull/8118) +* core: Use http.LocalAddrContextKey for DoH local address (https://github.com/coredns/coredns/pull/8149) +* plgin/kubernetes: Remove debug fmt.Println from multicluster zone validation (https://github.com/coredns/coredns/pull/8131) +* plugin/any: Reject invalid any and local config (https://github.com/coredns/coredns/pull/8133) +* plugin/azure: Apply `access` mode to every zone in the same block (https://github.com/coredns/coredns/pull/8110) +* plugin/cache: Add optional verify timeout to serve_stale (https://github.com/coredns/coredns/pull/8070) +* plugin/cache: Allow cache TTLs above default 3600s (https://github.com/coredns/coredns/pull/8134) +* plugin/cache: Prefer positive cache over SERVFAIL in ncache (https://github.com/coredns/coredns/pull/8003) +* plugin/chaos: Reject unknown chaos block options (https://github.com/coredns/coredns/pull/8121) +* plugin/dnssec: Sign each RRset with the zone that owns its name, not the query zone (https://github.com/coredns/coredns/pull/8138) +* plugin/dnstap: Feature: Added incoming connection support (https://github.com/coredns/coredns/pull/8086) +* plugin/file: Canonicalize escape form in owner names (https://github.com/coredns/coredns/pull/8109) +* plugin/file: Trigger reload of zones based on mtime (https://github.com/coredns/coredns/pull/8085) +* plugin/forward: Add hostname resolution support for TO endpoints (https://github.com/coredns/coredns/pull/5646) (https://github.com/coredns/coredns/pull/7923) +* plugin/forward: Forward NODATA responses to Next handler (https://github.com/coredns/coredns/pull/8065) +* plugin/health: Use descriptive error for unknown block options in health and log plugins (https://github.com/coredns/coredns/pull/8128) +* plugin/ready: Reject unknown ready plugin properties (https://github.com/coredns/coredns/pull/8119) +* plugin/secondary: Add fallthrough support (https://github.com/coredns/coredns/pull/8041) +* plugin/trace: Reject unknown trace and dnstap block options (https://github.com/coredns/coredns/pull/8120)