diff --git a/doc/arm/Makefile.in b/doc/arm/Makefile.in
index 464b0a4764..b623445804 100644
--- a/doc/arm/Makefile.in
+++ b/doc/arm/Makefile.in
@@ -19,10 +19,14 @@ TXTOBJS = notes.txt
PDFOBJS = Bv9ARM.pdf notes.pdf
-NOTESXML = notes-bug-fixes.xml notes-download.xml notes-eol.xml \
- notes-feature-changes.xml notes-intro.xml notes-license.xml \
- notes-new-features.xml notes-numbering.xml notes-platforms.xml \
- notes-removed.xml notes-sec-fixes.xml notes-thankyou.xml \
+NOTESXML = notes-download.xml notes-eol.xml notes-intro.xml notes-license.xml \
+ notes-numbering.xml notes-platforms.xml notes-thankyou.xml \
+ notes-9.15.0.xml \
+ notes-9.15.1.xml \
+ notes-9.15.2.xml \
+ notes-9.15.3.xml \
+ notes-9.15.4.xml \
+ notes-9.15.5.xml \
notes.xml
doc man:: ${MANOBJS} ${TXTOBJS} ${PDFOBJS}
diff --git a/doc/arm/notes-9.15.0.xml b/doc/arm/notes-9.15.0.xml
new file mode 100644
index 0000000000..c2adb0c632
--- /dev/null
+++ b/doc/arm/notes-9.15.0.xml
@@ -0,0 +1,108 @@
+
+
+Notes for BIND 9.15.0
+
+ Security Fixes
+
+
+
+ In certain configurations, named could crash
+ with an assertion failure if nxdomain-redirect
+ was in use and a redirected query resulted in an NXDOMAIN from the
+ cache. This flaw is disclosed in CVE-2019-6467. [GL #880]
+
+
+
+
+ The TCP client quota set using the tcp-clients
+ option could be exceeded in some cases. This could lead to
+ exhaustion of file descriptors. This flaw is disclosed in
+ CVE-2018-5743. [GL #615]
+
+
+
+
+
+ New Features
+
+
+
+ The new add-soa option specifies whether
+ or not the response-policy zone's SOA record
+ should be included in the additional section of RPZ responses.
+ [GL #865]
+
+
+
+
+
+ Removed Features
+
+
+
+ The dnssec-enable option has been obsoleted and
+ no longer has any effect. DNSSEC responses are always enabled
+ if signatures and other DNSSEC data are present. [GL #866]
+
+
+
+
+
+ Feature Changes
+
+
+
+ When static and managed DNSSEC keys were both configured for the
+ same name, or when a static key was used to
+ configure a trust anchor for the root zone and
+ dnssec-validation was set to the default
+ value of auto, automatic RFC 5011 key
+ rollovers would be disabled. This combination of settings was
+ never intended to work, but there was no check for it in the
+ parser. This has been corrected, and it is now a fatal
+ configuration error. [GL #868]
+
+
+
+
+ DS and CDS records are now generated with SHA-256 digests
+ only, instead of both SHA-1 and SHA-256. This affects the
+ default output of dnssec-dsfromkey, the
+ dsset files generated by
+ dnssec-signzone, the DS records added to
+ a zone by dnssec-signzone based on
+ keyset files, the CDS records added to
+ a zone by named and
+ dnssec-signzone based on "sync" timing
+ parameters in key files, and the checks performed by
+ dnssec-checkds.
+
+
+
+
+
+ Bug Fixes
+
+
+
+ The allow-update and
+ allow-update-forwarding options were
+ inadvertently treated as configuration errors when used at the
+ options or view level.
+ This has now been corrected.
+ [GL #913]
+
+
+
+
+
+
diff --git a/doc/arm/notes-9.15.1.xml b/doc/arm/notes-9.15.1.xml
new file mode 100644
index 0000000000..7c26950f87
--- /dev/null
+++ b/doc/arm/notes-9.15.1.xml
@@ -0,0 +1,87 @@
+
+
+Notes for BIND 9.15.1
+
+ Security Fixes
+
+
+
+ A race condition could trigger an assertion failure when
+ a large number of incoming packets were being rejected.
+ This flaw is disclosed in CVE-2019-6471. [GL #942]
+
+
+
+
+
+ New Features
+
+
+
+ In order to clarify the configuration of DNSSEC keys,
+ the trusted-keys and
+ managed-keys statements have been
+ deprecated, and the new dnssec-keys
+ statement should now be used for both types of key.
+
+
+ When used with the keyword initial-key,
+ dnssec-keys has the same behavior as
+ managed-keys, i.e., it configures
+ a trust anchor that is to be maintained via RFC 5011.
+
+
+ When used with the new keyword static-key, it
+ has the same behavior as trusted-keys,
+ configuring a permanent trust anchor that will not automatically
+ be updated. (This usage is not recommended for the root key.)
+ [GL #6]
+
+
+
+
+
+ Removed Features
+
+
+
+ The cleaning-interval option has been
+ removed. [GL !1731]
+
+
+
+
+
+ Feature Changes
+
+
+
+ named will now log a warning if
+ a static key is configured for the root zone. [GL #6]
+
+
+
+
+ JSON-C is now the only supported library for enabling JSON
+ support for BIND statistics. The configure
+ option has been renamed from --with-libjson
+ to --with-json-c. Use
+ PKG_CONFIG_PATH to specify a custom path to
+ the json-c library as the new
+ configure option does not take the library
+ installation path as an optional argument.
+
+
+
+
+
+
diff --git a/doc/arm/notes-9.15.2.xml b/doc/arm/notes-9.15.2.xml
new file mode 100644
index 0000000000..f03c4a2679
--- /dev/null
+++ b/doc/arm/notes-9.15.2.xml
@@ -0,0 +1,93 @@
+
+
+Notes for BIND 9.15.2
+
+ New Features
+
+
+
+ The GeoIP2 API from MaxMind is now supported. Geolocation support
+ will be compiled in by default if the libmaxminddb
+ library is found at compile time, but can be turned off by using
+ configure --disable-geoip.
+
+
+ The default path to the GeoIP2 databases will be set based
+ on the location of the libmaxminddb library;
+ for example, if it is in /usr/local/lib,
+ then the default path will be
+ /usr/local/share/GeoIP.
+ This value can be overridden in named.conf
+ using the geoip-directory option.
+
+
+ Some geoip ACL settings that were available with
+ legacy GeoIP, including searches for netspeed,
+ org, and three-letter ISO country codes, will
+ no longer work when using GeoIP2. Supported GeoIP2 database
+ types are country, city,
+ domain, isp, and
+ as. All of these databases support both IPv4
+ and IPv6 lookups. [GL #182] [GL #1112]
+
+
+
+
+ Two new metrics have been added to the
+ statistics-channel to report DNSSEC
+ signing operations. For each key in each zone, the
+ dnssec-sign counter indicates the total
+ number of signatures named has generated
+ using that key since server startup, and the
+ dnssec-refresh counter indicates how
+ many of those signatures were refreshed during zone
+ maintenance, as opposed to having been generated
+ as a result of a zone update. [GL #513]
+
+
+
+
+
+ Bug Fixes
+
+
+
+ When qname-minimization was set to
+ relaxed, some improperly configured domains
+ would fail to resolve, but would have succeeded when minimization
+ was disabled. named will now fall back to normal
+ resolution in such cases, and also uses type A rather than NS for
+ minimal queries in order to reduce the likelihood of encountering
+ the problem. [GL #1055]
+
+
+
+
+ ./configure no longer sets
+ --sysconfdir to /etc or
+ --localstatedir to /var
+ when --prefix is not specified and the
+ aforementioned options are not specified explicitly. Instead,
+ Autoconf's defaults of $prefix/etc and
+ $prefix/var are respected.
+
+
+
+
+ Glue address records were not being returned in responses
+ to root priming queries; this has been corrected. [GL #1092]
+
+
+
+
+
+
diff --git a/doc/arm/notes-9.15.3.xml b/doc/arm/notes-9.15.3.xml
new file mode 100644
index 0000000000..2a674ea72a
--- /dev/null
+++ b/doc/arm/notes-9.15.3.xml
@@ -0,0 +1,125 @@
+
+
+Notes for BIND 9.15.3
+
+ New Features
+
+
+
+ Statistics channel groups are now toggleable. [GL #1030]
+
+
+
+
+
+ Removed Features
+
+
+
+ DNSSEC Lookaside Validation (DLV) is now obsolete.
+ The dnssec-lookaside option has been
+ marked as deprecated; when used in named.conf,
+ it will generate a warning but will otherwise be ignored.
+ All code enabling the use of lookaside validation has been removed
+ from the validator, delv, and the DNSSEC tools.
+ [GL #7]
+
+
+
+
+
+ Feature Changes
+
+
+
+ A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and
+ made default. Old non-default HMAC-SHA based DNS Cookie algorithms
+ have been removed, and only the default AES algorithm is being kept
+ for legacy reasons. This change doesn't have any operational impact
+ in most common scenarios. [GL #605]
+
+
+ If you are running multiple DNS Servers (different versions of BIND 9
+ or DNS server from multiple vendors) responding from the same IP
+ address (anycast or load-balancing scenarios), you'll have to make
+ sure that all the servers are configured with the same DNS Cookie
+ algorithm and same Server Secret for the best performance.
+
+
+
+
+ The information from the dnssec-signzone and
+ dnssec-verify commands is now printed to standard
+ output. The standard error output is only used to print warnings and
+ errors, and in case the user requests the signed zone to be printed to
+ standard output with -f - option. A new
+ configuration option -q has been added to silence
+ all output on standard output except for the name of the signed zone.
+
+
+
+
+ DS records included in DNS referral messages can now be validated
+ and cached immediately, reducing the number of queries needed for
+ a DNSSEC validation. [GL #964]
+
+
+
+
+
+ Bug Fixes
+
+
+
+ Cache database statistics counters could report invalid values
+ when stale answers were enabled, because of a bug in counter
+ maintenance when cache data becomes stale. The statistics counters
+ have been corrected to report the number of RRsets for each
+ RR type that are active, stale but still potentially served,
+ or stale and marked for deletion. [GL #602]
+
+
+
+
+ Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
+ cause unexpected results; this has been fixed. [GL #1106]
+
+
+
+
+ named-checkconf now checks DNS64 prefixes
+ to ensure bits 64-71 are zero. [GL #1159]
+
+
+
+
+ named-checkconf now correctly reports a missing
+ dnstap-output option when
+ dnstap is set. [GL #1136]
+
+
+
+
+ Handle ETIMEDOUT error on connect() with a non-blocking
+ socket. [GL #1133]
+
+
+
+
+ dig now correctly expands the IPv6 address
+ when run with +expandaaaa +short. [GL #1152]
+
+
+
+
+
+
diff --git a/doc/arm/notes-9.15.4.xml b/doc/arm/notes-9.15.4.xml
new file mode 100644
index 0000000000..bd280a119d
--- /dev/null
+++ b/doc/arm/notes-9.15.4.xml
@@ -0,0 +1,47 @@
+
+
+Notes for BIND 9.15.4
+
+ New Features
+
+
+
+ Added a new command line option to dig:
+ +[no]unexpected. By default, dig
+ won't accept a reply from a source other than the one to which
+ it sent the query. Add the +unexpected argument
+ to enable it to process replies from unexpected sources.
+
+
+
+
+ dig, mdig and
+ delv can all now take a +yaml
+ option to print output in a a detailed YAML format. [RT #1145]
+
+
+
+
+
+ Bug Fixes
+
+
+
+ When a response-policy zone expires, ensure
+ that its policies are removed from the RPZ summary database.
+ [GL #1146]
+
+
+
+
+
+
diff --git a/doc/arm/notes-9.15.5.xml b/doc/arm/notes-9.15.5.xml
new file mode 100644
index 0000000000..06a76878a3
--- /dev/null
+++ b/doc/arm/notes-9.15.5.xml
@@ -0,0 +1,34 @@
+
+
+Notes for BIND 9.15.5
+
+ Security Fixes
+
+
+
+ named could crash with an assertion failure
+ if a forwarder returned a referral, rather than resolving the
+ query, when QNAME minimization was enabled. This flaw is
+ disclosed in CVE-2019-6476. [GL #1051]
+
+
+
+
+ A flaw in DNSSEC verification when transferring mirror zones
+ could allow data to be incorrectly marked valid. This flaw
+ is disclosed in CVE-2019-6475. [GL #1252]
+
+
+
+
+
+
diff --git a/doc/arm/notes-9.15.6.xml b/doc/arm/notes-9.15.6.xml
new file mode 100644
index 0000000000..c368fdae41
--- /dev/null
+++ b/doc/arm/notes-9.15.6.xml
@@ -0,0 +1,52 @@
+
+
+Notes for BIND 9.15.6
+
+ New Features
+
+
+
+ A new asynchronous network communications system based on
+ libuv is now used by named
+ for listening for incoming requests and responding to them.
+ This change will make it easier to improve performance and
+ implement new protocol layers (for example, DNS over TLS) in
+ the future. [GL #29]
+
+
+
+
+ The new dnssec-policy option allows the
+ configuration key and signing policy (KASP) for zones. This
+ option enables named to generate new keys
+ as needed and automatically roll both ZSK and KSK keys.
+ (Note that the syntax for this statement differs from the DNSSEC
+ policy used by dnssec-keymgr.) [GL #1134]
+
+
+
+
+
+ Feature Changes
+
+
+
+ NSEC Aggressive Cache (synth-from-dnssec) has been disabled by default
+ because it was found to have a significant performance impact on the
+ recursive service. The NSEC Aggressive Cache will be enable by default
+ in the future releases. [GL #1265]
+
+
+
+
+
+
diff --git a/doc/arm/notes-bug-fixes.xml b/doc/arm/notes-bug-fixes.xml
deleted file mode 100644
index 4af4cf92ee..0000000000
--- a/doc/arm/notes-bug-fixes.xml
+++ /dev/null
@@ -1,101 +0,0 @@
-
-
-Bug Fixes
-
-
-
- The allow-update and
- allow-update-forwarding options were
- inadvertently treated as configuration errors when used at the
- options or view level.
- This has now been corrected.
- [GL #913]
-
-
-
-
- When qname-minimization was set to
- relaxed, some improperly configured domains
- would fail to resolve, but would have succeeded when minimization
- was disabled. named will now fall back to normal
- resolution in such cases, and also uses type A rather than NS for
- minimal queries in order to reduce the likelihood of encountering
- the problem. [GL #1055]
-
-
-
-
- ./configure no longer sets
- --sysconfdir to /etc or
- --localstatedir to /var
- when --prefix is not specified and the
- aforementioned options are not specified explicitly. Instead,
- Autoconf's defaults of $prefix/etc and
- $prefix/var are respected.
-
-
-
-
- Glue address records were not being returned in responses
- to root priming queries; this has been corrected. [GL #1092]
-
-
-
-
- Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
- cause unexpected results; this has been fixed. [GL #1106]
-
-
-
-
- named-checkconf now checks DNS64 prefixes
- to ensure bits 64-71 are zero. [GL #1159]
-
-
-
-
- named-checkconf now correctly reports a missing
- dnstap-output option when
- dnstap is set. [GL #1136]
-
-
-
-
- Handle ETIMEDOUT error on connect() with a non-blocking
- socket. [GL #1133]
-
-
-
-
- Cache database statistics counters could report invalid values
- when stale answers were enabled, because of a bug in counter
- maintenance when cache data becomes stale. The statistics counters
- have been corrected to report the number of RRsets for each
- RR type that are active, stale but still potentially served,
- or stale and marked for deletion. [GL #602]
-
-
-
-
- dig now correctly expands the IPv6 address
- when run with +expandaaaa +short. [GL #1152]
-
-
-
-
- When a response-policy zone expires, ensure
- that its policies are removed from the RPZ summary database.
- [GL #1146]
-
-
-
-
diff --git a/doc/arm/notes-feature-changes.xml b/doc/arm/notes-feature-changes.xml
deleted file mode 100644
index f88b499fda..0000000000
--- a/doc/arm/notes-feature-changes.xml
+++ /dev/null
@@ -1,113 +0,0 @@
-
-
-Feature Changes
-
-
-
- A new asynchronous network communications system based on
- libuv is now used by named
- for listening for incoming requests and responding to them.
- This change will make it easier to improve performance and
- implement new protocol layers (for example, DNS over TLS) in
- the future. [GL #29]
-
-
-
-
- named will now log a warning if
- a static key is configured for the root zone. [GL #6]
-
-
-
-
- When static and managed DNSSEC keys were both configured for the
- same name, or when a static key was used to
- configure a trust anchor for the root zone and
- dnssec-validation was set to the default
- value of auto, automatic RFC 5011 key
- rollovers would be disabled. This combination of settings was
- never intended to work, but there was no check for it in the
- parser. This has been corrected, and it is now a fatal
- configuration error. [GL #868]
-
-
-
-
- DS and CDS records are now generated with SHA-256 digests
- only, instead of both SHA-1 and SHA-256. This affects the
- default output of dnssec-dsfromkey, the
- dsset files generated by
- dnssec-signzone, the DS records added to
- a zone by dnssec-signzone based on
- keyset files, the CDS records added to
- a zone by named and
- dnssec-signzone based on "sync" timing
- parameters in key files, and the checks performed by
- dnssec-checkds.
-
-
-
-
- JSON-C is now the only supported library for enabling JSON
- support for BIND statistics. The configure
- option has been renamed from --with-libjson
- to --with-json-c. Use
- PKG_CONFIG_PATH to specify a custom path to
- the json-c library as the new
- configure option does not take the library
- installation path as an optional argument.
-
-
-
-
- A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and
- made default. Old non-default HMAC-SHA based DNS Cookie algorithms
- have been removed, and only the default AES algorithm is being kept
- for legacy reasons. This change doesn't have any operational impact
- in most common scenarios. [GL #605]
-
-
- If you are running multiple DNS Servers (different versions of BIND 9
- or DNS server from multiple vendors) responding from the same IP
- address (anycast or load-balancing scenarios), you'll have to make
- sure that all the servers are configured with the same DNS Cookie
- algorithm and same Server Secret for the best performance.
-
-
-
-
- The information from the dnssec-signzone and
- dnssec-verify commands is now printed to standard
- output. The standard error output is only used to print warnings and
- errors, and in case the user requests the signed zone to be printed to
- standard output with -f - option. A new
- configuration option -q has been added to silence
- all output on standard output except for the name of the signed zone.
-
-
-
-
- DS records included in DNS referral messages can now be validated
- and cached immediately, reducing the number of queries needed for
- a DNSSEC validation. [GL #964]
-
-
-
-
- NSEC Aggressive Cache (synth-from-dnssec) has been disabled by default
- because it was found to have a significant performance impact on the
- recursive service. The NSEC Aggressive Cache will be enable by default
- in the future releases. [GL #1265]
-
-
-
-
diff --git a/doc/arm/notes-new-features.xml b/doc/arm/notes-new-features.xml
deleted file mode 100644
index 5f10e70476..0000000000
--- a/doc/arm/notes-new-features.xml
+++ /dev/null
@@ -1,124 +0,0 @@
-
-
-New Features
-
-
-
- The new dnssec-policy option allows the
- configuration key and signing policy (KASP) for zones. This
- option enables named to generate new keys
- as needed and automatically roll both ZSK and KSK keys.
- (Note that the syntax for this statement differs from the dnssec
- policy used by dnssec-keymgr.) [GL #1134]
-
-
-
-
- Added a new statistics variable tcp-highwater
- that reports the maximum number of simultaneous TCP clients BIND
- has handled while running. [GL #1206]
-
-
-
-
- Added a new command line option to dig:
- +[no]unexpected. By default, dig
- won't accept a reply from a source other than the one to which
- it sent the query. Add the +unexpected argument
- to enable it to process replies from unexpected sources.
-
-
-
-
- The GeoIP2 API from MaxMind is now supported. Geolocation support
- will be compiled in by default if the libmaxminddb
- library is found at compile time, but can be turned off by using
- configure --disable-geoip.
-
-
- The default path to the GeoIP2 databases will be set based
- on the location of the libmaxminddb library;
- for example, if it is in /usr/local/lib,
- then the default path will be
- /usr/local/share/GeoIP.
- This value can be overridden in named.conf
- using the geoip-directory option.
-
-
- Some geoip ACL settings that were available with
- legacy GeoIP, including searches for netspeed,
- org, and three-letter ISO country codes, will
- no longer work when using GeoIP2. Supported GeoIP2 database
- types are country, city,
- domain, isp, and
- as. All of these databases support both IPv4
- and IPv6 lookups. [GL #182] [GL #1112]
-
-
-
-
- In order to clarify the configuration of DNSSEC keys,
- the trusted-keys and
- managed-keys statements have been
- deprecated, and the new dnssec-keys
- statement should now be used for both types of key.
-
-
- When used with the keyword initial-key,
- dnssec-keys has the same behavior as
- managed-keys, i.e., it configures
- a trust anchor that is to be maintained via RFC 5011.
-
-
- When used with the new keyword static-key, it
- has the same behavior as trusted-keys,
- configuring a permanent trust anchor that will not automatically
- be updated. (This usage is not recommended for the root key.)
- [GL #6]
-
-
-
-
- The new add-soa option specifies whether
- or not the response-policy zone's SOA record
- should be included in the additional section of RPZ responses.
- [GL #865]
-
-
-
-
- Two new metrics have been added to the
- statistics-channel to report DNSSEC
- signing operations. For each key in each zone, the
- dnssec-sign counter indicates the total
- number of signatures named has generated
- using that key since server startup, and the
- dnssec-refresh counter indicates how
- many of those signatures were refreshed during zone
- maintenance, as opposed to having been generated
- as a result of a zone update. [GL #513]
-
-
-
-
- Statistics channel groups are now toggleable. [GL #1030]
-
-
-
-
- dig, mdig and
- delv can all now take a +yaml
- option to print output in a a detailed YAML format. [RT #1145]
-
-
-
-
diff --git a/doc/arm/notes-removed.xml b/doc/arm/notes-removed.xml
deleted file mode 100644
index 800ad64594..0000000000
--- a/doc/arm/notes-removed.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-
-
-Removed Features
-
-
-
- The dnssec-enable option has been obsoleted and
- no longer has any effect. DNSSEC responses are always enabled
- if signatures and other DNSSEC data are present. [GL #866]
-
-
-
-
- The cleaning-interval option has been
- removed. [GL !1731]
-
-
-
-
- DNSSEC Lookaside Validation (DLV) is now obsolete.
- The dnssec-lookaside option has been
- marked as deprecated; when used in named.conf,
- it will generate a warning but will otherwise be ignored.
- All code enabling the use of lookaside validation has been removed
- from the validator, delv, and the DNSSEC tools.
- [GL #7]
-
-
-
-
diff --git a/doc/arm/notes-sec-fixes.xml b/doc/arm/notes-sec-fixes.xml
deleted file mode 100644
index 6011da7d86..0000000000
--- a/doc/arm/notes-sec-fixes.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-
-
-Security Fixes
-
-
-
- The TCP client quota set using the tcp-clients
- option could be exceeded in some cases. This could lead to
- exhaustion of file descriptors. This flaw is disclosed in
- CVE-2018-5743. [GL #615]
-
-
-
-
- In certain configurations, named could crash
- with an assertion failure if nxdomain-redirect
- was in use and a redirected query resulted in an NXDOMAIN from the
- cache. This flaw is disclosed in CVE-2019-6467. [GL #880]
-
-
-
-
- A race condition could trigger an assertion failure when
- a large number of incoming packets were being rejected.
- This flaw is disclosed in CVE-2019-6471. [GL #942]
-
-
-
-
- named could crash with an assertion failure
- if a forwarder returned a referral, rather than resolving the
- query, when QNAME minimization was enabled. This flaw is
- disclosed in CVE-2019-6476. [GL #1051]
-
-
-
-
- A flaw in DNSSEC verification when transferring mirror zones
- could allow data to be incorrectly marked valid. This flaw
- is disclosed in CVE-2019-6475. [GL #1252]
-
-
-
-
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index becf47bbfa..b062a193c9 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -23,11 +23,15 @@
-
-
-
-
-
+
+
+
+
+
+
+
+
+
diff --git a/util/copyrights b/util/copyrights
index 92a4506c57..f517500290 100644
--- a/util/copyrights
+++ b/util/copyrights
@@ -1469,17 +1469,19 @@
./doc/arm/master.zoneopt.xml SGML 2018,2019
./doc/arm/masters.grammar.xml SGML 2018,2019
./doc/arm/mirror.zoneopt.xml SGML 2018,2019
-./doc/arm/notes-bug-fixes.xml SGML 2019
+./doc/arm/notes-9.15.0.xml SGML 2019
+./doc/arm/notes-9.15.1.xml SGML 2019
+./doc/arm/notes-9.15.2.xml SGML 2019
+./doc/arm/notes-9.15.3.xml SGML 2019
+./doc/arm/notes-9.15.4.xml SGML 2019
+./doc/arm/notes-9.15.5.xml SGML 2019
+./doc/arm/notes-9.15.6.xml SGML 2019
./doc/arm/notes-download.xml SGML 2019
./doc/arm/notes-eol.xml SGML 2019
-./doc/arm/notes-feature-changes.xml SGML 2019
./doc/arm/notes-intro.xml SGML 2019
./doc/arm/notes-license.xml SGML 2019
-./doc/arm/notes-new-features.xml SGML 2019
./doc/arm/notes-numbering.xml SGML 2019
./doc/arm/notes-platforms.xml SGML 2019
-./doc/arm/notes-removed.xml SGML 2019
-./doc/arm/notes-sec-fixes.xml SGML 2019
./doc/arm/notes-thankyou.xml SGML 2019
./doc/arm/notes-wrapper.xml SGML 2014,2015,2016,2018,2019
./doc/arm/notes.conf X 2015,2018,2019