Merge branch 'tkrizek/prepare-documentation-for-bind-9.19.11' into 'v9_19_11-release'

Prepare documentation for BIND 9.19.11 See merge request isc-private/bind9!500
2025-08-30 22:15:20 +00:00 · 2023-03-03 14:05:21 +00:00
parent 0874708bbf 8f315605ba
commit 5fa00c7ce1
4 changed files with 92 additions and 87 deletions
--- a/.gitlab/issue_templates/Release.md
+++ b/.gitlab/issue_templates/Release.md
@@ -36,7 +36,6 @@
 - [ ] ***(QA)*** Check whether all issues assigned to the release milestone are resolved[^1].
 - [ ] ***(QA)*** Ensure that there are no outstanding merge requests in the private repository[^1] (Subscription Edition only).
 - [ ] ***(QA)*** Ensure all merge requests marked for backporting have been indeed backported.
 - [ ] ***(QA)*** Update GitLab settings for all maintained branches to disallow merging to them.
 - [ ] ***(QA)*** Announce (on Mattermost) that the code freeze is in effect.
 ### Before the Tagging Deadline
@@ -46,6 +45,7 @@
 - [ ] ***(QA)*** Add a release marker to `CHANGES.SE` (Subscription Edition only).
 - [ ] ***(QA)*** Update BIND 9 version in `configure.ac` (9.18+) or `version` (9.16).
 - [ ] ***(QA)*** Rebuild `configure` using Autoconf on `docs.isc.org` (9.16).
 - [ ] ***(QA)*** Update GitLab settings for all maintained branches to disallow merging to them.
 - [ ] ***(QA)*** Tag the releases in the private repository (`git tag -s -m "BIND 9.x.y" v9_x_y`).
 ### Before the ASN Deadline (for ASN Releases) or the Public Release Date (for Regular Releases)
@@ -90,6 +90,7 @@
 - [ ] ***(QA)*** Sanitize confidential issues which are assigned to older release milestones and describe security vulnerabilities, then make them public if appropriate[^2].
 - [ ] ***(QA)*** Update QA tools used in GitLab CI (e.g. Black, PyLint, Sphinx) by modifying the relevant `Dockerfile`.
 - [ ] ***(QA)*** Run a pipeline to rebuild all [images](https://gitlab.isc.org/isc-projects/images) used in GitLab CI.
 - [ ] ***(QA)*** Update [`metadata.json`](https://gitlab.isc.org/isc-private/bind-qa/-/blob/master/bind9/releng/metadata.json) with the upcoming release information.
 [^1]: If not, use the time remaining until the tagging deadline to ensure all outstanding issues are either resolved or moved to a different milestone.
 [^2]: As a rule of thumb, security vulnerabilities which have reproducers merged to the public repository are considered okay for full disclosure.
--- a/doc/arm/notes.rst
+++ b/doc/arm/notes.rst
@@ -38,7 +38,7 @@ information about each release, and source code.
 .. include:: ../notes/notes-known-issues.rst
-.. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.19.11.rst
 .. include:: ../notes/notes-9.19.10.rst
 .. include:: ../notes/notes-9.19.9.rst
 .. include:: ../notes/notes-9.19.8.rst
--- a/doc/notes/notes-9.19.11.rst
+++ b/doc/notes/notes-9.19.11.rst
@@ -0,0 +1,89 @@
 .. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 ..
 .. SPDX-License-Identifier: MPL-2.0
 ..
 .. This Source Code Form is subject to the terms of the Mozilla Public
 .. License, v. 2.0.  If a copy of the MPL was not distributed with this
 .. file, you can obtain one at https://mozilla.org/MPL/2.0/.
 ..
 .. See the COPYRIGHT file distributed with this work for additional
 .. information regarding copyright ownership.
 Notes for BIND 9.19.11
 ----------------------
 New Features
 ~~~~~~~~~~~~
 - When using :any:`dnssec-policy`, it is now possible to configure the
  digest type to use when ``CDS`` records need to be published with
  :any:`cds-digest-types`. Also, publication of specific CDNSKEY/CDS
  records can now be set with :option:`dnssec-signzone -G`. :gl:`#3837`
 Removed Features
 ~~~~~~~~~~~~~~~~
 - Support for Red Hat Enterprise Linux version 7 (and clones) has been
  dropped. A C11-compliant compiler is now required to compile BIND 9.
  :gl:`#3729`
 - The functions that were in the ``libbind9`` shared library have been
  moved to the ``libisc`` and ``libisccfg`` libraries. The now-empty
  ``libbind9`` has been removed and is no longer installed. :gl:`#3903`
 - The ``irs_resconf`` module has been moved to the ``libdns`` shared
  library. The now-empty ``libirs`` library has been removed and is no
  longer installed. :gl:`#3904`
 Feature Changes
 ~~~~~~~~~~~~~~~
 - Catalog zone updates are now run on specialized "offload" threads to
  reduce the amount of time they block query processing on the main
  networking threads. This increases the responsiveness of
  :iscman:`named` when catalog zone updates are being applied after a
  catalog zone has been successfully transferred. :gl:`#3881`
 - libuv support for receiving multiple UDP messages in a single
  ``recvmmsg()`` system call has been tweaked several times between
  libuv versions 1.35.0 and 1.40.0; the current recommended libuv
  version is 1.40.0 or higher. New rules are now in effect for running
  with a different version of libuv than the one used at compilation
  time. These rules may trigger a fatal error at startup:
  - Building against or running with libuv versions 1.35.0 and 1.36.0 is
    now a fatal error.
  - Running with libuv version higher than 1.34.2 is now a fatal error
    when :iscman:`named` is built against libuv version 1.34.2 or lower.
  - Running with libuv version higher than 1.39.0 is now a fatal error
    when :iscman:`named` is built against libuv version 1.37.0, 1.38.0,
    1.38.1, or 1.39.0.
  This prevents the use of libuv versions that may trigger an assertion
  failure when receiving multiple UDP messages in a single system call.
  :gl:`#3840`
 Bug Fixes
 ~~~~~~~~~
 - :iscman:`named` could crash with an assertion failure when adding a
  new zone into the configuration file for a name which was already
  configured as a member zone for a catalog zone. This has been fixed.
  :gl:`#3911`
 - When :iscman:`named` starts up, it sends a query for the DNSSEC key
  for each configured trust anchor to determine whether the key has
  changed. In some unusual cases, the query might depend on a zone for
  which the server is itself authoritative, and would have failed if it
  were sent before the zone was fully loaded. This has now been fixed by
  delaying the key queries until all zones have finished loading.
  :gl:`#3673`
 Known Issues
 ~~~~~~~~~~~~
 - There are no new known issues with this release. See :ref:`above
  <relnotes_known_issues>` for a list of all known issues affecting this
  BIND 9 branch.
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -1,85 +0,0 @@
 .. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 ..
 .. SPDX-License-Identifier: MPL-2.0
 ..
 .. This Source Code Form is subject to the terms of the Mozilla Public
 .. License, v. 2.0.  If a copy of the MPL was not distributed with this
 .. file, you can obtain one at https://mozilla.org/MPL/2.0/.
 ..
 .. See the COPYRIGHT file distributed with this work for additional
 .. information regarding copyright ownership.
 Notes for BIND 9.19.11
 ----------------------
 Security Fixes
 ~~~~~~~~~~~~~~
 - None.
 New Features
 ~~~~~~~~~~~~
 - None.
 - When using :any:`dnssec-policy`, you can now configure the digest type to
  use when ``CDS`` records need to be published with `cds-digest-types`. Also,
  with ``dnssec-signzone -G`` you can set which CDNSKEY/CDS records you want to
  publish. :gl:`#3837`
 Removed Features
 ~~~~~~~~~~~~~~~~
 - Support for Red Hat Enterprise Linux version 7 (and clones) has been dropped.
  A C11 compliant compiler (or better) is now required to compile BIND 9.
  :gl:`#3729`
 - The functions that were in the ``libbind9`` shared library have been
  moved to the ``libisc`` and ``libisccfg`` libraries, and the
  now-empty ``libbind9`` has been removed and is no longer installed.
 - The ``irs_resconf`` module has been moved to the ``libdns`` shared
  library and the now-empty ``libirs`` library has been removed and is
  no longer installed.
 Feature Changes
 ~~~~~~~~~~~~~~~
 - libuv support for receiving multiple UDP messages in a single system
  call (``recvmmsg()``) has been tweaked several times between libuv
  versions 1.35.0 and 1.40.0; the recommended libuv version is 1.40.0 or
  higher. New rules are now in effect for running with a different
  version of libuv than the one used at compilation time. These rules
  may trigger a fatal error at startup:
  - Building against or running with libuv versions 1.35.0 and 1.36.0 is
    now a fatal error.
  - Running with libuv version higher than 1.34.2 is now a fatal error
    when :iscman:`named` is built against libuv version 1.34.2 or lower.
  - Running with libuv version higher than 1.39.0 is now a fatal error
    when :iscman:`named` is built against libuv version 1.37.0, 1.38.0,
    1.38.1, or 1.39.0.
  This prevents the use of libuv versions that may trigger an assertion
  failure when receiving multiple UDP messages in a single system call.
  :gl:`#3840`
 - Run catalog zone updates on the specialized "offload" threads to reduce the
  amount of time they block query processing on the main networking
  threads. This should increase the responsiveness of :iscman:`named`
  when catalog zone updates are being applied after a catalog zone has been
  successfully transferred. :gl:`#3881`
 Bug Fixes
 ~~~~~~~~~
 - :iscman:`named` could crash with an assertion failure when adding a new zone
  into the configuration file for a name, which is already configured as a
  member zone for a catalog zone. This has been fixed. :gl:`#3911`
 Known Issues
 ~~~~~~~~~~~~
 - None.