Bv9ARM.ch09.html revision d253648fe3331622cebea02d60aaecca3082d78d
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter - Copyright (C) 2000-2017 Internet Systems Consortium, Inc. ("ISC")
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter - This Source Code Form is subject to the terms of the Mozilla Public
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter - License, v. 2.0. If a copy of the MPL was not distributed with this
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter - file, You can obtain one at http://mozilla.org/MPL/2.0/.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<link rel="prev" href="Bv9ARM.ch08.html" title="Chapter�8.�Troubleshooting">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<link rel="next" href="Bv9ARM.ch10.html" title="Appendix�B.�A Brief History of the DNS and BIND">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<tr><th colspan="3" align="center">Appendix�A.�Release Notes</th></tr>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a accesskey="p" href="Bv9ARM.ch08.html">Prev</a>�</td>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch10.html">Next</a>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h1 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="Bv9ARM.ch09"></a>Release Notes</h1></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#id-1.10.2">Release Notes for BIND Version 9.11.2</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_intro">Introduction</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_download">Download</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#root_key">New DNSSEC Root Key</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_license">License Change</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#win_support">Legacy Windows No Longer Supported</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_security">Security Fixes</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_removed">Removed Features</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#proto_changes">Protocol Changes</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_changes">Feature Changes</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_bugs">Bug Fixes</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#end_of_life">End of Life</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_thanks">Thank You</a></span></dt>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h2 class="title" style="clear: both">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="id-1.10.2"></a>Release Notes for BIND Version 9.11.2</h2></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="relnotes_intro"></a>Introduction</h3></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter This document summarizes changes since the last production
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter release on the BIND 9.11 branch.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter Please see the <code class="filename">CHANGES</code> file for a further
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter list of bug fixes and other changes.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="relnotes_download"></a>Download</h3></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter The latest versions of BIND 9 software can always be found at
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter <a class="link" href="http://www.isc.org/downloads/" target="_top">http://www.isc.org/downloads/</a>.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter There you will find additional information about each release,
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter source code, and pre-compiled versions for Microsoft Windows
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter operating systems.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="root_key"></a>New DNSSEC Root Key</h3></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter ICANN is in the process of introducing a new Key Signing Key (KSK) for
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter the global root zone. BIND has multiple methods for managing DNSSEC
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter trust anchors, with somewhat different behaviors. If the root
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter key is configured using the <span class="command"><strong>managed-keys</strong></span>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter statement, or if the pre-configured root key is enabled by using
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter <span class="command"><strong>dnssec-validation auto</strong></span>, then BIND can keep keys up
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter to date automatically. Servers configured in this way should have
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter begun the process of rolling to the new key when it was published in
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter the root zone in July 2017. However, keys configured using the
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter <span class="command"><strong>trusted-keys</strong></span> statement are not automatically
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter maintained. If your server is performing DNSSEC validation and is
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter configured using <span class="command"><strong>trusted-keys</strong></span>, you are advised to
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter change your configuration before the root zone begins signing with
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter the new KSK. This is currently scheduled for October 11, 2017.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter This release includes an updated version of the
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <code class="filename">bind.keys</code> file containing the new root
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter key. This file can also be downloaded from
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <a class="link" href="https://www.isc.org/bind-keys" target="_top">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<div class="titlepage"><div><div><h3 class="title">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a name="relnotes_license"></a>License Change</h3></div></div></div>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter With the release of BIND 9.11.0, ISC changed to the open
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter source license for BIND from the ISC license to the Mozilla
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter Public License (MPL 2.0).
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter The MPL-2.0 license requires that if you make changes to
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter licensed software (e.g. BIND) and distribute them outside
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter your organization, that you publish those changes under that
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter same license. It does not require that you publish or disclose
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter anything other than the changes you made to our software.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter This requirement will not affect anyone who is using BIND, with
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter or without modifications, without redistributing it, nor anyone
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter redistributing it without changes. Therefore, this change will be
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter without consequence for most individuals and organizations who are
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Those unsure whether or not the license change affects their
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter use of BIND, or who wish to discuss how to comply with the
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter license may contact ISC at <a class="link" href="https://www.isc.org/mission/contact/" target="_top">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="win_support"></a>Legacy Windows No Longer Supported</h3></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter As of BIND 9.11.2, Windows XP and Windows 2003 are no longer supported
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter platforms for BIND; "XP" binaries are no longer available for download
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter An error in TSIG handling could permit unauthorized zone
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter transfers or zone updates. These flaws are disclosed in
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter CVE-2017-3142 and CVE-2017-3143. [RT #45383]
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter The BIND installer on Windows used an unquoted service path,
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter which can enable privilege escalation. This flaw is disclosed
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter in CVE-2017-3141. [RT #45229]
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter With certain RPZ configurations, a response with TTL 0
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter could cause <span class="command"><strong>named</strong></span> to go into an infinite
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter query loop. This flaw is disclosed in CVE-2017-3140.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="relnotes_removed"></a>Removed Features</h3></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter The ISC DNSSEC Lookaside Validation (DLV) service has
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter been shut down; all DLV records in the dlv.isc.org zone
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter have been removed. References to the service have been
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter removed from BIND documentation. Lookaside validation
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter is no longer used by default by <span class="command"><strong>delv</strong></span>.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter The DLV key has been removed from <code class="filename">bind.keys</code>.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter Setting <span class="command"><strong>dnssec-lookaside</strong></span> to
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter <span class="command"><strong>auto</strong></span> or to use dlv.isc.org as a trust
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter anchor results in a warning being issued.
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<div class="titlepage"><div><div><h3 class="title">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<a name="proto_changes"></a>Protocol Changes</h3></div></div></div>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter BIND can now use the Ed25519 and Ed448 Edwards Curve DNSSEC
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter signing algorithms described in RFC 8080. Note, however, that
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter these algorithms must be supported in OpenSSL;
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter currently they are only available in the development branch
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter of OpenSSL at
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <a class="link" href="https://github.com/openssl/openssl" target="_top">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter When parsing DNS messages, EDNS KEY TAG options are checked
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter for correctness. When printing messages (for example, in
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>dig</strong></span>), EDNS KEY TAG options are printed
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter in readable format.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<div class="titlepage"><div><div><h3 class="title">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>named</strong></span> will no longer start or accept
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter reconfiguration if <span class="command"><strong>managed-keys</strong></span> or
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>dnssec-validation auto</strong></span> are in use and
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter the managed-keys directory (specified by
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>managed-keys-directory</strong></span>, and defaulting
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter to the working directory if not specified),
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter is not writable by the effective user ID. [RT #46077]
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Previously, <span class="command"><strong>update-policy local;</strong></span> accepted
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter updates from any source so long as they were signed by the
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter locally-generated session key. This has been further restricted;
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter updates are now only accepted from locally configured addresses.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>dig +ednsopt</strong></span> now accepts the names
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter for EDNS options in addition to numeric values. For example,
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter an EDNS Client-Subnet option could be sent using
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>dig +ednsopt=ecs:...</strong></span>. Thanks to
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter John Worley of Secure64 for the contribution. [RT #44461]
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Threads in <span class="command"><strong>named</strong></span> are now set to human-readable
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter names to assist debugging on operating systems that support that.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Threads will have names such as "isc-timer", "isc-sockmgr",
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter "isc-worker0001", and so on. This will affect the reporting of
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter subsidiary thread names in <span class="command"><strong>ps</strong></span> and
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <span class="command"><strong>top</strong></span>, but not the main thread. [RT #43234]
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter DiG now warns about .local queries which are reserved for
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Multicast DNS. [RT #44783]
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<div class="titlepage"><div><div><h3 class="title">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter When <span class="command"><strong>named</strong></span> was reconfigured, failure of some
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter zones to load correctly could leave the system in an inconsistent
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter state; while generally harmless, this could lead to a crash later
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter when using <span class="command"><strong>rndc addzone</strong></span>. Reconfiguration changes
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter are now fully rolled back in the event of failure. [RT #45841]
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter Fixed a bug that was introduced in an earlier development
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter release which caused multi-packet AXFR and IXFR messages to fail
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter validation if not all packets contained TSIG records; this
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter caused interoperability problems with some other DNS
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter implementations. [RT #45509]
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter Reloading or reconfiguring <span class="command"><strong>named</strong></span> could
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter fail on some platforms when LMDB was in use. [RT #45203]
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter Due to some incorrectly deleted code, when BIND was
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter built with LMDB, zones that were deleted via
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter <span class="command"><strong>rndc delzone</strong></span> were removed from the
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter running server but were not removed from the new zone
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter database, so that deletion did not persist after a
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter server restart. This has been corrected. [RT #45185]
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter Semicolons are no longer escaped when printing CAA and
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter URI records. This may break applications that depend on the
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter presence of the backslash before the semicolon. [RT #45216]
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter AD could be set on truncated answer with no records present
1319e71fd1680ca4864afe0b1aca2b8c8e4a1ee4Stef Walter in the answer and authority sections. [RT #45140]
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Some header files included <isc/util.h> incorrectly as
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter it pollutes with namespace with non ISC_ macros and this should
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter only be done by explicitly including <isc/util.h>. This
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter has been corrected. Some code may depend on <isc/util.h>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter being implicitly included via other header files. Such
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter code should explicitly include <isc/util.h>.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<div class="titlepage"><div><div><h3 class="title">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a name="end_of_life"></a>End of Life</h3></div></div></div>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter The end of life for BIND 9.11 is yet to be determined but
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter will not be before BIND 9.13.0 has been released for 6 months.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <a class="link" href="https://www.isc.org/downloads/software-support-policy/" target="_top">https://www.isc.org/downloads/software-support-policy/</a>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<div class="titlepage"><div><div><h3 class="title">
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a name="relnotes_thanks"></a>Thank You</h3></div></div></div>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter Thank you to everyone who assisted us in making this release possible.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter If you would like to contribute to ISC to assist us in continuing to
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter make quality open source software, please visit our donations page at
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter <a class="link" href="http://www.isc.org/donate/" target="_top">http://www.isc.org/donate/</a>.
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<a accesskey="p" href="Bv9ARM.ch08.html">Prev</a>�</td>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<td width="40%" align="right">�<a accesskey="n" href="Bv9ARM.ch10.html">Next</a>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<td width="40%" align="left" valign="top">Chapter�8.�Troubleshooting�</td>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter<td width="40%" align="right" valign="top">�Appendix�B.�A Brief History of the <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym>
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.2</p>