diff --git a/CHANGES b/CHANGES index fd54ef6a01..d35124e526 100644 --- a/CHANGES +++ b/CHANGES 
@@ -14,53 +14,53 @@ [GL #2103] 5499. [func] Add '-P ds' and '-D ds' arguments to dnssec-settime. + [GL #1748] 5498. [test] The --with-gperftools-profiler configure option was removed. [GL !4045] 5497. [placeholder] -5496. [bug] The rate limiter needs to hold a reference to its task. - [GL #2081] +5496. [bug] Address a TSAN report by ensuring each rate limiter + object holds a reference to its task. [GL #2081] 5495. [bug] With query minimization enabled, named failed to - resolve ip6.arpa. names that had more labels after the - IPv6 part. [GL #1847] + resolve ip6.arpa. names that had extra labels to the + left of the IPv6 part. [GL #1847] 5494. [bug] Silence the EPROTO syslog message on older systems. [GL #1928] -5493. [bug] Fix off-by-one error when calculating new hashtable +5493. [bug] Fix off-by-one error when calculating new hash table size. [GL #2104] -5492. [bug] Tighten LOC parsing to reject period and/or m as a - value. Correct handling of negative altitudes which - are not whole metres. [GL #2074] +5492. [bug] Tighten LOC parsing to reject a period (".") and/or "m" + as a value. Fix handling of negative altitudes which are + not whole meters. [GL #2074] 5491. [bug] rbtversion->glue_table_size could be read without the appropriate lock being held. [GL #2080] -5490. [func] Refactor the readline support to use pkg-config and - add support for editline library. [GL !3942] +5490. [func] Refactor readline support to use pkg-config and add + support for the editline library. [GL !3942] -5489. [bug] Named failed to reject some invalid records resulting - in records that, after being printed, could not be - loaded or would result in DNSSEC validation failures - when re-read from zone files as the wire format - differed. The covered records records are: CERT, +5489. [bug] Named erroneously accepted certain invalid resource + records that were incorrectly processed after + subsequently being written to disk and loaded back, as + the wire format differed. 
Such records include: CERT, IPSECKEY, NSEC3, NSEC3PARAM, NXT, SIG, TLSA, WKS, and X25. [GL !3953] -5488. [bug] nta needed to have a weak reference on view to prevent - the view being deleted while nta tests are being - performed. [GL #2067] +5488. [bug] NTA code needed to have a weak reference on its + associated view to prevent the latter from being deleted + while NTA tests were being performed. [GL #2067] 5487. [cleanup] Update managed keys log messages to be less confusing. [GL #2027] -5486. [func] Add 'rndc dnssec -checkds' command to tell named - that the DS record has been published in the parent. - [GL #1613] +5486. [func] Add 'rndc dnssec -checkds' command, which signals to + named that the DS record for a given zone or key has + been updated in the parent zone. [GL #1613] --- 9.17.4 released --- diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 2f03710038..67b4c15ac9 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -7,8 +7,8 @@ people. Diversity is one of our huge strengths, but it can also lead to communication issues and unhappiness. To that end, we have a few ground rules that we ask -people to adhere to. This code applies equally to the core development team, open source contributors and those -seeking help and guidance. +people to adhere to. This code applies equally to the core development team, +open source contributors and those seeking help and guidance. This isn't an exhaustive list of things that you can't do. Rather, take it in the spirit in which it's intended - a guide to make it easier to enrich all of diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 36c9b692ad..f90d5bf36a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -46,8 +46,9 @@ building communities that are welcoming and inclusive: environments where people are encouraged to share ideas, treat each other with respect, and collaborate towards the best solutions. To reinforce our commitment, ISC has adopted a slightly modified version of the Django -[Code of Conduct](https://gitlab.isc.org/isc-projects/bind9/-/blob/master/CODE_OF_CONDUCT.md) for the BIND 9 project, as well as for the conduct of our -developers throughout the industry. +[Code of Conduct](https://gitlab.isc.org/isc-projects/bind9/-/blob/main/CODE_OF_CONDUCT.md) +for the BIND 9 project, as well as for the conduct of our developers throughout +the industry. ### Access to source code @@ -80,7 +81,7 @@ Whenever a branch is ready for publication, a tag is placed of the form `v9_X_Y`. The 9.12.0 release, for instance, is tagged as `v9_12_0`. The branch in which the next major release is being developed is called -`master`. +`main`. ### Reporting bugs @@ -100,6 +101,7 @@ use credentials from an existing account at GitHub, GitLab, Google, Twitter, or Facebook. ### Reporting possible security issues + If you think you may be seeing a potential security vulnerability in BIND (for example, a crash with REQUIRE, INSIST, or ASSERT failure), please report it immediately by emailing to security-officer@isc.org. Plain-text @@ -111,7 +113,8 @@ Do not discuss undisclosed security vulnerabilities on any public mailing list. ISC has a long history of handling reported vulnerabilities promptly and effectively and we respect and acknowledge responsible reporters. -ISC's Security Vulnerability Disclosure Policy is documented at [https://kb.isc.org/docs/aa-00861](https://kb.isc.org/docs/aa-00861). +ISC's Security Vulnerability Disclosure Policy is documented at +[https://kb.isc.org/docs/aa-00861](https://kb.isc.org/docs/aa-00861). If you have a crash, you may want to consult ["What to do if your BIND or DHCP server has crashed."](https://kb.isc.org/docs/aa-00340) 
@@ -120,7 +123,8 @@ If you have a crash, you may want to consult BIND is licensed under the [Mozilla Public License 2.0](https://www.mozilla.org/en-US/MPL/2.0/). -Earlier versions (BIND 9.10 and earlier) were licensed under the [ISC License](https://www.isc.org/licenses/) +Earlier versions (BIND 9.10 and earlier) were licensed under the +[ISC License](https://www.isc.org/licenses/) ISC does not require an explicit copyright assignment for patch contributions. However, by submitting a patch to ISC, you implicitly @@ -136,7 +140,7 @@ Patches for BIND may be submitted directly via merge requests in repository for BIND. Patches can also be submitted as diffs against a specific version of -BIND -- preferably the current top of the `master` branch. Diffs may +BIND -- preferably the current top of the `main` branch. Diffs may be generated using either `git format-patch` or `git diff`. Those wanting to write code for BIND may be interested in the @@ -184,7 +188,8 @@ of documentation in the BIND source tree: they document, in files ending in `.rst`: for example, the `named` man page is `bin/named/named.rst`. * The *BIND 9 Administrator Reference Manual* is in the .rst files in - `doc/arm/`; the PDF and HTML versions are automatically generated from the `.rst` files. + `doc/arm/`; the PDF and HTML versions are automatically generated from + the `.rst` files. * API documentation is in the header file describing the API, in Doxygen-formatted comments. diff --git a/README.md b/README.md index b8a10e01e8..18a2ae3eb6 100644 --- a/README.md +++ b/README.md 
@@ -335,7 +335,7 @@ the change that was made; these categories are: | [cleanup] | Minor corrections and refactoring | | [doc] | Documentation | | [contrib] | Changes to the contributed tools and libraries in the 'contrib' subdirectory | -| [placeholder] | Used in the master development branch to reserve change numbers for use in other branches, e.g., when fixing a bug that only exists in older releases | +| [placeholder] | Used in the main development branch to reserve change numbers for use in other branches, e.g., when fixing a bug that only exists in older releases | In general, [func] and [experimental] tags only appear in new-feature releases (i.e., those with version numbers ending in zero). Some new diff --git a/doc/arm/notes.rst b/doc/arm/notes.rst index b5a303897a..5cbb7ada4d 100644 --- a/doc/arm/notes.rst +++ b/doc/arm/notes.rst @@ -52,7 +52,7 @@ https://www.isc.org/download/. There you will find additional information about each release, source code, and pre-compiled versions for Microsoft Windows operating systems. -.. include:: ../notes/notes-current.rst +.. include:: ../notes/notes-9.17.5.rst .. include:: ../notes/notes-9.17.4.rst .. include:: ../notes/notes-9.17.3.rst .. include:: ../notes/notes-9.17.2.rst diff --git a/doc/notes/notes-9.17.5.rst b/doc/notes/notes-9.17.5.rst new file mode 100644 index 0000000000..2df1ed9936 --- /dev/null +++ b/doc/notes/notes-9.17.5.rst 
@@ -0,0 +1,77 @@ +.. + Copyright (C) Internet Systems Consortium, Inc. ("ISC") + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, you can obtain one at https://mozilla.org/MPL/2.0/. + + See the COPYRIGHT file distributed with this work for additional + information regarding copyright ownership. + +Notes for BIND 9.17.5 +--------------------- + +New Features +~~~~~~~~~~~~ + +- Add a new ``rndc`` command, ``rndc dnssec -checkds``, which signals to + ``named`` that a DS record for a given zone or key has been published + or withdrawn from the parent. This command replaces the time-based + ``parent-registration-delay`` configuration option. [GL #1613] + +- Log when ``named`` adds a CDS/CDNSKEY to the zone. [GL #1748] + +Removed Features +~~~~~~~~~~~~~~~~ + +- The ``--with-gperftools-profiler`` ``configure`` option was removed. + To use the gperftools profiler, the ``HAVE_GPERFTOOLS_PROFILER`` macro + now needs to be manually set in ``CFLAGS`` and ``-lprofiler`` needs to + be present in ``LDFLAGS``. [GL !4045] + +- The ``glue-cache`` *option* has been marked as deprected. The glue + cache *feature* still works and will be permanently *enabled* in a + future release. [GL #2146] + +Feature Changes +~~~~~~~~~~~~~~~ + +- Previously, using ``dig +bufsize=0`` had the side effect of disabling + EDNS, and there was no way to test the remote server's behavior when + it had received a packet with EDNS0 buffer size set to 0. This is no + longer the case; ``dig +bufsize=0`` now sends a DNS message with EDNS + version 0 and buffer size set to 0. To disable EDNS, use ``dig + +noedns``. [GL #2054] + +Bug Fixes +~~~~~~~~~ + +- In rare circumstances, ``named`` would exit with an assertion failure + when the number of nodes stored in the red-black tree exceeded the + maximum allowed size of the internal hash table. 
[GL #2104] + +- Silence spurious system log messages for an EPROTO(71) error code that + was seen on older operating systems, where unhandled ICMPv6 errors + resulted in a generic protocol error being returned instead of a more + specific error code. [GL #1928] + +- With query name minimization enabled, ``named`` failed to resolve + ``ip6.arpa.`` names that had extra labels to the left of the IPv6 + part. For example, when ``named`` attempted query name minimization on + a name like ``A.B.1.2.3.4.(...).ip6.arpa.``, it stopped at the + leftmost IPv6 label, i.e. ``1.2.3.4.(...).ip6.arpa.``, without + considering the extra labels (``A.B``). That caused a query loop when + resolving the name: if ``named`` received NXDOMAIN answers, then the + same query was repeatedly sent until the number of queries sent + reached the value of the ``max-recursion-queries`` configuration + option. [GL #1847] + +- Parsing of LOC records was made more strict by rejecting a sole period + (``.``) and/or ``m`` as a value. These changes prevent zone files + using such values from being loaded. Handling of negative altitudes + which are not integers was also corrected. [GL #2074] + +- Several problems found by `OSS-Fuzz`_ were fixed. (None of these are + security issues.) [GL !3953] [GL !3975] + +.. _OSS-Fuzz: https://github.com/google/oss-fuzz diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst deleted file mode 100644 index f5e7f7ffd5..0000000000 --- a/doc/notes/notes-current.rst +++ /dev/null 
@@ -1,75 +0,0 @@ -.. - Copyright (C) Internet Systems Consortium, Inc. ("ISC") - - This Source Code Form is subject to the terms of the Mozilla Public - License, v. 2.0. If a copy of the MPL was not distributed with this - file, you can obtain one at https://mozilla.org/MPL/2.0/. - - See the COPYRIGHT file distributed with this work for additional - information regarding copyright ownership. - -Notes for BIND 9.17.5 ---------------------- - -Security Fixes -~~~~~~~~~~~~~~ - -- None. - -Known Issues -~~~~~~~~~~~~ - -- None. - -New Features -~~~~~~~~~~~~ - -- New ``rndc`` command ``rndc dnssec -checkds`` to tell ``named`` - that a DS record for a given zone or key has been published or withdrawn - from the parent. Replaces the time-based ``parent-registration-delay`` - configuration option. [GL #1613] - -- Log when ``named`` adds a CDS/CDNSKEY to the zone. [GL #1748] - -Removed Features -~~~~~~~~~~~~~~~~ - -- The ``--with-gperftools-profiler`` ``configure`` option was removed. - To use the gperftools profiler, the ``HAVE_GPERFTOOLS_PROFILER`` macro - now needs to be manually set in ``CFLAGS`` and ``-lprofiler`` needs to - be present in ``LDFLAGS``. [GL !4045] - -- The ``glue-cache`` *option* has been marked as deprected. The glue - cache *feature* still works and will be permanently *enabled* in a - future release. [GL #2146] - -Feature Changes -~~~~~~~~~~~~~~~ - -- Previously, using ``dig +bufsize=0`` had the side effect of disabling EDNS, - and there was no way to test the remote server's behavior when it had received - a packet with EDNS0 buffer size set to ``0``. This is no longer the case; - ``dig +bufsize=0`` now sends a DNS message with EDNS version 0 and buffer size - set to ``0``. To disable EDNS, use ``dig +noedns``. [GL #2054] - -Bug Fixes -~~~~~~~~~ - -- In rare circumstances, named would exit with assertion failure when the number - of nodes stored in the red-black-tree exceeds the maximum allowed size of the - internal hashtable. 
[GL #2104] - -- Silence spurious system log messages for EPROTO(71) error code that has been - seen on older operating systems where unhandled ICMPv6 errors result in a - generic protocol error being returned instead of the more specific error code. - [GL #1928] - -- With query minimization enabled, named failed to resolve ip6.arpa. names - that had more labels before the IPv6 part. For example, when named - implemented query minimization on a name like - ``A.B.1.2.3.4.(...).ip6.arpa.``, it stopped at the left-most IPv6 label, i.e. - ``1.2.3.4.(...).ip6.arpa.`` without considering the extra labels ``A.B``. - That caused a query loop when resolving the name: if named received - NXDOMAIN answers, then the same query was repeatedly sent until the number - of queries sent reached the value in the ``max-recursion-queries`` - configuration option. [GL #1847] diff --git a/util/copyrights b/util/copyrights index 73f8c06aec..5657032d87 100644 --- a/util/copyrights +++ b/util/copyrights @@ -1238,7 +1238,7 @@ ./doc/notes/notes-9.17.2.rst RST 2020 ./doc/notes/notes-9.17.3.rst RST 2020 ./doc/notes/notes-9.17.4.rst RST 2020 -./doc/notes/notes-current.rst RST 2020 +./doc/notes/notes-9.17.5.rst RST 2020 ./docutil/HTML_COPYRIGHT X 2001,2004,2016,2018,2019,2020 ./docutil/MAN_COPYRIGHT X 2001,2004,2016,2018,2019,2020 ./docutil/patch-db2latex-duplicate-template-bug X 2007,2018,2019,2020
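Review bot: in the CHANGES hunk, the reworded 5489 entry replaces the two concrete consequences the old text named (printed records that "could not be loaded" and "DNSSEC validation failures when re-read from zone files") with the vaguer "incorrectly processed". Keep at least the DNSSEC validation failure in the new wording, since that is the symptom an operator would search the changelog for. Separately, the added "[GL #1748]" on 5499 (dnssec-settime '-P ds' / '-D ds') is the same issue number the release note in this patch uses for "Log when named adds a CDS/CDNSKEY to the zone"; confirm both entries really track the same issue.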
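Review bot: in the CONTRIBUTING.md license hunk (@@ -120,7 +123,8), the rewrapped sentence "Earlier versions (BIND 9.10 and earlier) were licensed under the [ISC License](https://www.isc.org/licenses/)" still has no terminating period, so it runs into the following "ISC does not require an explicit copyright assignment" paragraph only by virtue of the blank line. Since the line is being touched anyway, add the period after the closing parenthesis of the link.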
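Review bot: "deprected" in the ``glue-cache`` entry under "Removed Features" of the new doc/notes/notes-9.17.5.rst is a typo copied unchanged from notes-current.rst. This file is what gets included into the ARM via doc/arm/notes.rst, so fix it to "deprecated" here rather than in a follow-up. In the same file, the "Feature Changes" entry lost the literal markup around the buffer size value (``0`` became plain 0) while the rest of the entry still marks up ``dig +bufsize=0``; pick one form.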
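Review bot: the deleted doc/notes/notes-current.rst carried explicit "Security Fixes" and "Known Issues" sections, each with "- None.", and the replacement notes-9.17.5.rst has neither. If omitting empty sections is the established convention for published notes, this is fine; otherwise keep the "Security Fixes" section with "- None." so that readers triaging the upgrade do not have to infer it from absence. The parenthetical "(None of these are security issues.)" on the OSS-Fuzz entry only covers that one item.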