Prepare release notes for BIND 9.17.15

2025-08-30 22:15:20 +00:00 · 2021-06-18 11:09:45 +02:00
parent 7bfedd8c73
commit 7b7dea04a3
3 changed files with 26 additions and 69 deletions
--- a/doc/arm/notes.rst
+++ b/doc/arm/notes.rst
@@ -51,7 +51,7 @@ The latest versions of BIND 9 software can always be found at
 https://www.isc.org/download/. There you will find additional
 information about each release, and source code.

-.. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.17.15.rst
 .. include:: ../notes/notes-9.17.14.rst
 .. include:: ../notes/notes-9.17.13.rst
 .. include:: ../notes/notes-9.17.12.rst
--- a/doc/notes/notes-9.17.15.rst
+++ b/doc/notes/notes-9.17.15.rst
@@ -0,0 +1,25 @@
+.. 
+   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+   
+   This Source Code Form is subject to the terms of the Mozilla Public
+   License, v. 2.0. If a copy of the MPL was not distributed with this
+   file, you can obtain one at https://mozilla.org/MPL/2.0/.
+   
+   See the COPYRIGHT file distributed with this work for additional
+   information regarding copyright ownership.
+
+Notes for BIND 9.17.15
+----------------------
+
+Bug Fixes
+~~~~~~~~~
+
+- When preparing DNS responses, ``named`` could replace the letters
+  ``W`` (uppercase) and ``w`` (lowercase) with ``\000``. This has been
+  fixed. :gl:`#2779`
+
+- The configuration-checking code failed to account for the inheritance
+  rules of the ``key-directory`` option. As a side effect of this flaw,
+  the code detecting ``key-directory`` conflicts for zones using KASP
+  incorrectly reported unique key directories as being reused. This has
+  been fixed. :gl:`#2778`
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -1,68 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, you can obtain one at https://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-Notes for BIND 9.17.15
----------------------
-
-Security Fixes
-~~~~~~~~~~~~~~
-
- Sending non-zero opcode via DoT or DoH channels would trigger an assertion
-  failure in ``named``. This has been fixed.
-
-  ISC would like to thank Ville Heikkila of Synopsys Cybersecurity Research
-  Center for responsibly disclosing the vulnerability to us. :gl:`#2787`
-
-Known Issues
-~~~~~~~~~~~~
-
- None.
-
-New Features
-~~~~~~~~~~~~
-
- None.
-
-Removed Features
-~~~~~~~~~~~~~~~~
-
- Support for compiling and running BIND 9 natively on Windows has been
-  completely removed.  The last release branch that has working Windows
-  support is BIND 9.16. :gl:`#2690`
-
-Feature Changes
-~~~~~~~~~~~~~~~
-
- None.
-
-Bug Fixes
-~~~~~~~~~
-
- Fixed a bug that caused the NSEC salt to be changed for KASP zones on
-  every startup. :gl:`#2725`
-
- Signed, insecure delegation responses prepared by ``named`` either
-  lacked the necessary NSEC records or contained duplicate NSEC records
-  when both wildcard expansion and CNAME chaining were required to
-  prepare the response. This has been fixed. :gl:`#2759`
-
- When preparing DNS responses, ``named`` could replace the letters
-  ``W`` (uppercase) and ``w`` (lowercase) with ``\000``. This has been
-  fixed. :gl:`#2779`
-
- The configuration-checking code failed to account for the inheritance
-  rules of the ``key-directory`` option. As a side effect of this flaw,
-  the code detecting ``key-directory`` conflicts for zones using KASP
-  incorrectly reported unique key directories as being reused. This has
-  been fixed. :gl:`#2778`
-
- A deadlock at startup was introduced when fixing :gl:`#1875` because when
-  locking key files for reading and writing, "in-view" logic was not taken into
-  account. This has been fixed. :gl:`#2783`