mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 05:28:00 +00:00
Code Issues Releases Wiki Activity

regen master

Browse Source
This commit is contained in:
Tinderbox User 2015-11-18 01:04:11 +00:00
parent b57276f89e
commit dec590a3de
27 changed files with 72 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
FAQ
View File

@ -92,7 +92,7 @@ Q: I'm trying to use TSIG to authenticate dynamic updates or zone
rejecting the TSIG. Why?
A: This may be a clock skew problem. Check that the the clocks on the
client and server are properly synchronised (e.g., using ntp).
client and server are properly synchronized (e.g., using ntp).
Q: I see a log message like the following. Why?

2
bin/dig/dig.1
View File

@ -207,7 +207,7 @@ Enable memory usage debugging\&.
.PP
\-p \fIport\fR
.RS 4
Send the query to a non\-standard port on the server, instead of the defaut port 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&.
Send the query to a non\-standard port on the server, instead of the default port 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&.
.RE
.PP
\-q \fIname\fR

2
bin/dig/dig.html
View File

@ -191,7 +191,7 @@
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Send the query to a non-standard port on the server,
instead of the defaut port 53. This option would be used
instead of the default port 53. This option would be used
to test a name server that has been configured to listen
for queries on a non-standard port number.
</p></dd>

2
bin/dnssec/dnssec-importkey.8
View File

@ -44,7 +44,7 @@
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
dnssec-importkey \- Import DNSKEY records from external systems so they can be managed\&.
dnssec-importkey \- import DNSKEY records from external systems so they can be managed
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-importkey\fR\ 'u
\fBdnssec\-importkey\fR [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-L\ \fR\fB\fIttl\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-P\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-h\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] {\fBkeyfile\fR}

2
bin/dnssec/dnssec-importkey.html
View File

@ -24,7 +24,7 @@
<a name="man.dnssec-importkey"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-importkey</span> &#8212; Import DNSKEY records from external systems so they can be managed.</p>
<p><span class="application">dnssec-importkey</span> &#8212; import DNSKEY records from external systems so they can be managed</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
bin/dnssec/dnssec-revoke.8
View File

@ -44,7 +44,7 @@
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
dnssec-revoke \- Set the REVOKED bit on a DNSSEC key
dnssec-revoke \- set the REVOKED bit on a DNSSEC key
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-revoke\fR\ 'u
\fBdnssec\-revoke\fR [\fB\-hr\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-f\fR] [\fB\-R\fR] {keyfile}

2
bin/dnssec/dnssec-revoke.html
View File

@ -23,7 +23,7 @@
<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
<p><span class="application">dnssec-revoke</span> &#8212; set the REVOKED bit on a DNSSEC key</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
bin/dnssec/dnssec-settime.8
View File

@ -44,7 +44,7 @@
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
dnssec-settime \- Set the key timing metadata for a DNSSEC key
dnssec-settime \- set the key timing metadata for a DNSSEC key
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-settime\fR\ 'u
\fBdnssec\-settime\fR [\fB\-f\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-L\ \fR\fB\fIttl\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-P\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-I\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-h\fR] [\fB\-V\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] {keyfile}

2
bin/dnssec/dnssec-settime.html
View File

@ -23,7 +23,7 @@
<a name="man.dnssec-settime"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-settime</span> &#8212; Set the key timing metadata for a DNSSEC key</p>
<p><span class="application">dnssec-settime</span> &#8212; set the key timing metadata for a DNSSEC key</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
bin/python/dnssec-checkds.8
View File

@ -44,7 +44,7 @@
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
dnssec-checkds \- A DNSSEC delegation consistency checking tool\&.
dnssec-checkds \- DNSSEC delegation consistency checking tool
.SH "SYNOPSIS"
.HP \w'\fBdnssec\-checkds\fR\ 'u
\fBdnssec\-checkds\fR [\fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-f\ \fR\fB\fIfile\fR\fR] [\fB\-d\ \fR\fB\fIdig\ path\fR\fR] [\fB\-D\ \fR\fB\fIdsfromkey\ path\fR\fR] {zone}

2
bin/python/dnssec-checkds.html
View File

@ -23,7 +23,7 @@
<a name="man.dnssec-checkds"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-checkds</span> &#8212; A DNSSEC delegation consistency checking tool.</p>
<p><span class="application">dnssec-checkds</span> &#8212; DNSSEC delegation consistency checking tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
bin/tools/named-rrchecker.1
View File

@ -44,7 +44,7 @@
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
named-rrchecker \- A syntax checker for individual DNS resource records
named-rrchecker \- syntax checker for individual DNS resource records
.SH "SYNOPSIS"
.HP \w'\fBnamed\-rrchecker\fR\ 'u
\fBnamed\-rrchecker\fR [\fB\-h\fR] [\fB\-o\ \fR\fB\fIorigin\fR\fR] [\fB\-p\fR] [\fB\-u\fR] [\fB\-C\fR] [\fB\-T\fR] [\fB\-P\fR]

2
bin/tools/named-rrchecker.html
View File

@ -24,7 +24,7 @@
<a name="man.named-rrchecker"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">named-rrchecker</span> &#8212; A syntax checker for individual DNS resource records</p>
<p><span class="application">named-rrchecker</span> &#8212; syntax checker for individual DNS resource records</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

18
doc/arm/Bv9ARM.ch04.html
View File

@ -134,12 +134,14 @@
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
As a slave zone can also be a master to other slaves, <span class="command"><strong>named</strong></span>,
by default, sends <span class="command"><strong>NOTIFY</strong></span> messages for every zone
it loads. Specifying <span class="command"><strong>notify master-only;</strong></span> will
cause <span class="command"><strong>named</strong></span> to only send <span class="command"><strong>NOTIFY</strong></span> for master
zones that it loads.
</div>
</p>
</div>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
@ -1064,9 +1066,11 @@ options {
</pre>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
None of the keys listed in this example are valid. In particular,
the root key is not valid.
</div>
</p>
</div>
<p>
When DNSSEC validation is enabled and properly configured,
the resolver will reject any answers from signed, secure zones
@ -1614,12 +1618,14 @@ $ <strong class="userinput"><code> /opt/pkcs11/usr/bin/softhsm-util --init-token
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
The latest OpenSSL versions as of this writing (January 2015)
are 0.9.8zc, 1.0.0o, and 1.0.1j.
ISC will provide updated patches as new versions of OpenSSL
are released. The version number in the following examples
is expected to change.
</div>
</p>
</div>
<p>
Before building BIND 9 with PKCS#11 support, it will be
necessary to build OpenSSL with the patch in place, and configure
@ -1642,10 +1648,12 @@ $ <strong class="userinput"><code>patch -p1 -d openssl-0.9.8zc \
</pre>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
Note that the patch file may not be compatible with the
<p>
The patch file may not be compatible with the
"patch" utility on all operating systems. You may need to
install GNU patch.
</div>
</p>
</div>
<p>
When building OpenSSL, place it in a non-standard
location so that it does not interfere with OpenSSL libraries

19
doc/arm/Bv9ARM.ch06.html
View File

@ -475,7 +475,7 @@
followed by '%' to represent percents.
</p>
<p>
The behaviour is exactly the same as
The behavior is exactly the same as
<code class="varname">size_spec</code>, but
<code class="varname">size_or_percent</code> allows also
to specify a positive integer value followed by
@ -3876,7 +3876,6 @@ options {
queries.
Caching may still occur as an effect the server's internal
operation, such as NOTIFY address lookups.
See also <span class="command"><strong>fetch-glue</strong></span> above.
</p></dd>
<dt><span class="term"><span class="command"><strong>request-nsid</strong></span></span></dt>
<dd><p>
@ -5242,13 +5241,15 @@ avoid-v6-udp-ports {};
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
If you do not wish the alternate transfer source
to be used, you should set
<span class="command"><strong>use-alt-transfer-source</strong></span>
appropriately and you should not depend upon
getting an answer back to the first refresh
query.
</div>
</p>
</div>
</dd>
<dt><span class="term"><span class="command"><strong>alt-transfer-source-v6</strong></span></span></dt>
<dd><p>
@ -6334,7 +6335,7 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
may be sent while servicing a recursive query.
If more queries are sent, the recursive query
is terminated and returns SERVFAIL. Queries to
look up top level comains such as "com" and "net"
look up top level domains such as "com" and "net"
and the DNS root zone are exempt from this limitation.
The default is 75.
</p></dd>
@ -6613,11 +6614,13 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
The real parent servers for these zones should disable all
empty zone under the parent zone they serve. For the real
root servers, this is all built-in empty zones. This will
enable them to return referrals to deeper in the tree.
</div>
</p>
</div>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term"><span class="command"><strong>empty-server</strong></span></span></dt>
<dd><p>
@ -7055,7 +7058,7 @@ deny-answer-aliases { "example.net"; };
<p>
A special form of local data is a CNAME whose target is a
wildcard such as *.example.com.
It is used as if were an ordinary CNAME after the astrisk (*)
It is used as if were an ordinary CNAME after the asterisk (*)
has been replaced with the query name.
The purpose for this special form is query logging in the
walled garden's authority DNS server.
@ -9198,7 +9201,7 @@ example.com. NS ns2.example.net.
unsigned zone is transferred in or loaded from
disk and a signed version of the zone is served,
with possibly, a different serial number. This
behaviour is disabled by default.
behavior is disabled by default.
</p></dd>
<dt><span class="term"><span class="command"><strong>multi-master</strong></span></span></dt>
<dd><p>
@ -9413,7 +9416,7 @@ example.com. NS ns2.example.net.
The <em class="replaceable"><code>name</code></em> field
is subject to DNS wildcard expansion, and
this rule matches when the name being updated
name is a valid expansion of the wildcard.
is a valid expansion of the wildcard.
</p>
</td>
</tr>

6
doc/arm/Bv9ARM.ch07.html
View File

@ -312,10 +312,12 @@ allow-query { !{ !10/8; any; }; key example; };
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
Note that if the <span class="command"><strong>named</strong></span> daemon is running as an
<p>
If the <span class="command"><strong>named</strong></span> daemon is running as an
unprivileged user, it will not be able to bind to new restricted
ports if the server is reloaded.
</div>
</p>
</div>
</div>
</div>
<div class="section">

5
doc/arm/Bv9ARM.ch09.html
View File

@ -88,7 +88,7 @@
records with an incorrect class to be be accepted,
triggering a REQUIRE failure when those records
were subsequently cached. This flaw is disclosed
in CVE-2015-8000. [RT #4098]
in CVE-2015-8000. [RT #40987]
</p></li>
<li class="listitem"><p>
An incorrect boundary check in the OPENPGPKEY rdatatype
@ -504,6 +504,9 @@
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem"><p>
Updated the complied in addresses for H.ROOT-SERVERS.NET.
</p></li>
<li class="listitem"><p>
ACLs containing <span class="command"><strong>geoip asnum</strong></span> elements were
not correctly matched unless the full organization name was

10
doc/arm/Bv9ARM.ch12.html
View File

@ -432,9 +432,13 @@ $ <strong class="userinput"><code>make</code></strong>
</p></dd>
</dl></div>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>In practice, either -a or -r must be specified. Others can
be optional; the underlying library routine tries to identify the
appropriate server and the zone name for the update.</div>
<h3 class="title">Note</h3>
<p>
In practice, either -a or -r must be specified. Others can
be optional; the underlying library routine tries to identify the
appropriate server and the zone name for the update.
</p>
</div>
<p>
Examples: assuming the primary authoritative server of the
dynamic.example.com zone has an IPv6 address 2001:db8::1234,

10
doc/arm/Bv9ARM.ch13.html
View File

@ -57,7 +57,7 @@
<span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; A DNSSEC delegation consistency checking tool.</span>
<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; DNSSEC delegation consistency checking tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-coverage.html"><span class="application">dnssec-coverage</span></a></span><span class="refpurpose"> &#8212; checks future DNSKEY coverage for a zone</span>
@ -66,7 +66,7 @@
<span class="refentrytitle"><a href="man.dnssec-dsfromkey.html"><span class="application">dnssec-dsfromkey</span></a></span><span class="refpurpose"> &#8212; DNSSEC DS RR generation tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; Import DNSKEY records from external systems so they can be managed.</span>
<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; import DNSKEY records from external systems so they can be managed</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-keyfromlabel.html"><span class="application">dnssec-keyfromlabel</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
@ -75,10 +75,10 @@
<span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; Set the REVOKED bit on a DNSSEC key</span>
<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; set the REVOKED bit on a DNSSEC key</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; Set the key timing metadata for a DNSSEC key</span>
<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; set the key timing metadata for a DNSSEC key</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone signing tool</span>
@ -105,7 +105,7 @@
<span class="refentrytitle"><a href="man.named-journalprint.html"><span class="application">named-journalprint</span></a></span><span class="refpurpose"> &#8212; print zone journal in human-readable form</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; A syntax checker for individual DNS resource records</span>
<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; syntax checker for individual DNS resource records</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.nsupdate.html"><span class="application">nsupdate</span></a></span><span class="refpurpose"> &#8212; Dynamic DNS update utility</span>

10
doc/arm/Bv9ARM.html
View File

@ -292,7 +292,7 @@
<span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; A DNSSEC delegation consistency checking tool.</span>
<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; DNSSEC delegation consistency checking tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-coverage.html"><span class="application">dnssec-coverage</span></a></span><span class="refpurpose"> &#8212; checks future DNSKEY coverage for a zone</span>
@ -301,7 +301,7 @@
<span class="refentrytitle"><a href="man.dnssec-dsfromkey.html"><span class="application">dnssec-dsfromkey</span></a></span><span class="refpurpose"> &#8212; DNSSEC DS RR generation tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; Import DNSKEY records from external systems so they can be managed.</span>
<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; import DNSKEY records from external systems so they can be managed</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-keyfromlabel.html"><span class="application">dnssec-keyfromlabel</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
@ -310,10 +310,10 @@
<span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; Set the REVOKED bit on a DNSSEC key</span>
<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; set the REVOKED bit on a DNSSEC key</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; Set the key timing metadata for a DNSSEC key</span>
<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; set the key timing metadata for a DNSSEC key</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone signing tool</span>
@ -340,7 +340,7 @@
<span class="refentrytitle"><a href="man.named-journalprint.html"><span class="application">named-journalprint</span></a></span><span class="refpurpose"> &#8212; print zone journal in human-readable form</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; A syntax checker for individual DNS resource records</span>
<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; syntax checker for individual DNS resource records</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.nsupdate.html"><span class="application">nsupdate</span></a></span><span class="refpurpose"> &#8212; Dynamic DNS update utility</span>

2
doc/arm/man.dig.html
View File

@ -209,7 +209,7 @@
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Send the query to a non-standard port on the server,
instead of the defaut port 53. This option would be used
instead of the default port 53. This option would be used
to test a name server that has been configured to listen
for queries on a non-standard port number.
</p></dd>

2
doc/arm/man.dnssec-checkds.html
View File

@ -42,7 +42,7 @@
<a name="man.dnssec-checkds"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-checkds</span> &#8212; A DNSSEC delegation consistency checking tool.</p>
<p><span class="application">dnssec-checkds</span> &#8212; DNSSEC delegation consistency checking tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
doc/arm/man.dnssec-importkey.html
View File

@ -42,7 +42,7 @@
<a name="man.dnssec-importkey"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-importkey</span> &#8212; Import DNSKEY records from external systems so they can be managed.</p>
<p><span class="application">dnssec-importkey</span> &#8212; import DNSKEY records from external systems so they can be managed</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
doc/arm/man.dnssec-revoke.html
View File

@ -42,7 +42,7 @@
<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
<p><span class="application">dnssec-revoke</span> &#8212; set the REVOKED bit on a DNSSEC key</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
doc/arm/man.dnssec-settime.html
View File

@ -42,7 +42,7 @@
<a name="man.dnssec-settime"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-settime</span> &#8212; Set the key timing metadata for a DNSSEC key</p>
<p><span class="application">dnssec-settime</span> &#8212; set the key timing metadata for a DNSSEC key</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

2
doc/arm/man.named-rrchecker.html
View File

@ -42,7 +42,7 @@
<a name="man.named-rrchecker"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">named-rrchecker</span> &#8212; A syntax checker for individual DNS resource records</p>
<p><span class="application">named-rrchecker</span> &#8212; syntax checker for individual DNS resource records</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>

5
doc/arm/notes.html
View File

@ -49,7 +49,7 @@
records with an incorrect class to be be accepted,
triggering a REQUIRE failure when those records
were subsequently cached. This flaw is disclosed
in CVE-2015-8000. [RT #4098]
in CVE-2015-8000. [RT #40987]
</p></li>
<li class="listitem"><p>
An incorrect boundary check in the OPENPGPKEY rdatatype
@ -465,6 +465,9 @@
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem"><p>
Updated the complied in addresses for H.ROOT-SERVERS.NET.
</p></li>
<li class="listitem"><p>
ACLs containing <span class="command"><strong>geoip asnum</strong></span> elements were
not correctly matched unless the full organization name was