new: doc: Prepare documentation for BIND 9.20.10

Merge branch 'mnowak/prepare-documentation-for-bind-9.20.10' into 'v9.20.10-release'

See merge request isc-private/bind9!806

configure.ac

@@ -18,7 +18,7 @@ m4_define([bind_VERSION_MAJOR], 9)dnl
 m4_define([bind_VERSION_MINOR], 20)dnl
 m4_define([bind_VERSION_PATCH], 10)dnl
 m4_define([bind_VERSION_EXTRA], -dev)dnl
-m4_define([bind_DESCRIPTION], [(Stable Release)])dnl
+m4_define([bind_DESCRIPTION], [(Extended Support Version)])dnl
 m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl
 m4_define([bind_PKG_VERSION], [[bind_VERSION_MAJOR.bind_VERSION_MINOR.bind_VERSION_PATCH]bind_VERSION_EXTRA])dnl
 

doc/arm/changelog.rst

@@ -18,6 +18,7 @@ Changelog
    development. Regular users should refer to :ref:`Release Notes <relnotes>`
    for changes relevant to them.
 
+.. include:: ../changelog/changelog-9.20.10.rst
 .. include:: ../changelog/changelog-9.20.9.rst
 .. include:: ../changelog/changelog-9.20.8.rst
 .. include:: ../changelog/changelog-9.20.7.rst

doc/arm/notes.rst

@@ -19,10 +19,10 @@ Release Notes
 Introduction
 ------------
 
-BIND 9.20 is a stable branch, suitable for production use. This
-document summarizes significant changes since the last production
-release on the 9.18 branch. Please see the :ref:`changelog` file for
-a more detailed list of changes and bug fixes.
+BIND 9.20 (Extended Support Version) is a stable branch, suitable for
+production use. This document summarizes significant changes since the
+last production release on the 9.18 branch. Please see the
+:ref:`changelog` file for a more detailed list of changes and bug fixes.
 
 Supported Platforms
 -------------------
@@ -45,6 +45,7 @@ The list of known issues affecting the latest version in the 9.20 branch can be
 found at
 https://gitlab.isc.org/isc-projects/bind9/-/wikis/Known-Issues-in-BIND-9.20
 
+.. include:: ../notes/notes-9.20.10.rst
 .. include:: ../notes/notes-9.20.9.rst
 .. include:: ../notes/notes-9.20.8.rst
 .. include:: ../notes/notes-9.20.7.rst
@@ -70,12 +71,9 @@ https://www.isc.org/contact/.
 End of Life
 -----------
 
-BIND 9.20 is a stable branch, suitable for production use. After it has
-been in production use for a while it will be designated as an Extended
-Support Version (ESV). Until then, the current ESV is BIND 9.18, which
-will be supported until at least December 2025.  See
-https://kb.isc.org/docs/aa-00896 for details of ISC's software support
-policy.
+BIND 9.20 (Extended Support Version) will be supported until at least
+March, 2028. See https://kb.isc.org/docs/aa-00896 for details of
+ISC's software support policy.
 
 Thank You
 ---------

doc/changelog/changelog-9.20.10.rst

@@ -0,0 +1,74 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+BIND 9.20.10
+------------
+
+New Features
+~~~~~~~~~~~~
+
+- Implement a new 'notify-defer' configuration option. ``a24db6433e6``
+
+  This new option sets a delay (in seconds) to wait before sending a set
+  of NOTIFY messages for a zone. Whenever a NOTIFY message is ready to
+  be sent, sending will be deferred for this duration. This option is
+  not to be confused with the :any:`notify-delay` option. The default is
+  0 seconds. :gl:`#5259` :gl:`!10465`
+
+Removed Features
+~~~~~~~~~~~~~~~~
+
+- Implement the systemd notification protocol manually to remove
+  dependency on libsystemd. ``4f7e806a12b``
+
+  libsystemd, despite being useful, adds a huge surface area for just
+  using the sd_notify API. libsystemd's surface has been exploited in
+  the past [1].
+
+  Implement the systemd notification protocol by hand since it is just
+  sending newline-delimited datagrams to a UNIX socket. The code
+  shouldn't need more attention in the future since the notification
+  protocol is covered under systemd's stability promise [2].
+
+  We don't need to support VSOCK-backed service notifications since they
+  are only intended for virtual machine inits.
+
+  [1]: https://www.openwall.com/lists/oss-security/2024/03/29/4 [2]:
+  https://systemd.io/PORTABILITY_AND_STABILITY/ :gl:`!10454`
+
+Bug Fixes
+~~~~~~~~~
+
+- Fix zone deletion issue. ``66fc4ee86e0``
+
+  A secondary zone could initiate a new zone transfer from the primary
+  server after it had been already deleted from the secondary server,
+  and before the internal garbage collection was activated to clean it
+  up completely. This has been fixed. :gl:`#5291` :gl:`!10496`
+
+- Fix a zone refresh bug. ``f09bb8b88c6``
+
+  A secondary zone could fail to further refresh with new versions of
+  the zone from a primary server if named was reconfigured during the
+  SOA request step of an ongoing zone transfer. This has been fixed.
+  :gl:`#5307` :gl:`!10495`
+
+- Allow keystore.c to compile on Solaris. ``108adab25a0``
+
+  keystore.c failed to compile on Solaris because NAME_MAX was
+  undefined.  Include 'isc/dir.h' which defines NAME_MAX for platforms
+  that don't define it. :gl:`#5327` :gl:`!10523`
+
+- Set name for all the isc_mem contexts. ``bdcd698edf7``
+
+  :gl:`!10498`
+
+

doc/notes/notes-9.20.10.rst

@@ -0,0 +1,49 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+Notes for BIND 9.20.10
+----------------------
+
+New Features
+~~~~~~~~~~~~
+
+- Implement a new :namedconf:ref:`notify-defer` configuration option.
+
+  This new option sets a delay (in seconds) to wait before sending a set
+  of ``NOTIFY`` messages for a zone. Whenever a ``NOTIFY`` message is
+  ready to be sent, sending is deferred for this duration. This option
+  should not be confused with the :namedconf:ref:`notify-delay` option.
+  The default is 0 seconds. :gl:`#5259`
+
+Removed Features
+~~~~~~~~~~~~~~~~
+
+- Implement the systemd notification protocol manually to remove
+  dependency on libsystemd.
+
+Bug Fixes
+~~~~~~~~~
+
+- Fix zone deletion issue.
+
+  A secondary zone could initiate a new zone transfer from the primary
+  server after it had been already deleted from the secondary server,
+  and before the internal garbage collection was activated to clean it
+  up completely. This has been fixed. :gl:`#5291`
+
+- Fix a zone refresh bug.
+
+  A secondary zone could fail to further refresh with new versions of
+  the zone from a primary server if :iscman:`named` was reconfigured
+  during the SOA request step of an ongoing zone transfer. This has been
+  fixed.  :gl:`#5307`
+
+