NEWS: Deprecate nss_hesiod

Storing user databases in DNS, without client-side DNSSEC validation, is problematic from a security point of view. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
author: Florian Weimer <fweimer@redhat.com> 2020-07-24 16:46:23 +0200
committer: Florian Weimer <fweimer@redhat.com> 2020-07-31 12:58:56 +0200
commit: 20fb7452c04221608be1359cc100387db3e36356 (patch)
tree: a968f69b584562ce31f6a804f73300c6f1b2731f
parent: 0ad926f34937f7b4843a8b49e5d93199601fe324 (diff)
download: glibc-20fb7452c04221608be1359cc100387db3e36356.tar.gz
glibc-20fb7452c04221608be1359cc100387db3e36356.tar.xz
glibc-20fb7452c04221608be1359cc100387db3e36356.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 1ef4a0a7a4..83aed60e19 100644
--- a/NEWS
+++ b/NEWS
@@ -147,6 +147,11 @@ Deprecated and removed features, and other changes affecting compatibility:
   applications which use the malloc hooks must preload a special shared
   object, to enable the hooks.
 
+* The hesiod NSS module has been deprecated and will be removed in a
+  future version of glibc.  System administrators are encouraged to
+  switch to other approaches for networked account databases, such as
+  LDAP.
+
 Changes to build and runtime requirements:
 
 * powerpc64le requires GCC 7.4 or newer.  This is required for supporting
author	Florian Weimer <fweimer@redhat.com>	2020-07-24 16:46:23 +0200
committer	Florian Weimer <fweimer@redhat.com>	2020-07-31 12:58:56 +0200
commit	20fb7452c04221608be1359cc100387db3e36356 (patch)
tree	a968f69b584562ce31f6a804f73300c6f1b2731f
parent	0ad926f34937f7b4843a8b49e5d93199601fe324 (diff)
download	glibc-20fb7452c04221608be1359cc100387db3e36356.tar.gz glibc-20fb7452c04221608be1359cc100387db3e36356.tar.xz glibc-20fb7452c04221608be1359cc100387db3e36356.zip