doc/arm/Bv9ARM.ch09.html

	Bv9ARM.ch09.html revision adabefa84c3dcf048566cc23fd457c577f208eea
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
b0e8629055a766d4555a005a283c2889a5974945Mark Andrews<!--
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2016 Internet Systems Consortium, Inc. ("ISC")
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - This Source Code Form is subject to the terms of the Mozilla Public
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - License, v. 2.0. If a copy of the MPL was not distributed with this
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - file, You can obtain one at http://mozilla.org/MPL/2.0/.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein-->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<html lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<title>Appendix�A.�Release Notes</title>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="Bv9ARM.ch08.html" title="Chapter�8.�Troubleshooting">
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews<link rel="next" href="Bv9ARM.ch10.html" title="Appendix�B.�A Brief History of the DNS and BIND">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navheader">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation header">
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews<tr><th colspan="3" align="center">Appendix�A.�Release Notes</th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="Bv9ARM.ch08.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<th width="60%" align="center">�</th>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch10.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</table>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="appendix">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h1 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="Bv9ARM.ch09"></a>Release Notes</h1></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="toc">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><b>Table of Contents</b></p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dl class="toc">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#id-1.10.2">Release Notes for BIND Version 9.11.1b1</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><dl>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_intro">Introduction</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_download">Download</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_license">License Change</a></span></dt>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_security">Security Fixes</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_changes">Feature Changes</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_bugs">Bug Fixes</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_maint">Maintenance</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_misc">Miscellaneous Notes</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#end_of_life">End of Life</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_thanks">Thank You</a></span></dt>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews</dl></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <div class="section">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<div class="titlepage"><div><div><h2 class="title" style="clear: both">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.10.2"></a>Release Notes for BIND Version 9.11.1b1</h2></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_intro"></a>Introduction</h3></div></div></div>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews    <p>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews      This document summarizes changes since the last production
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      release on the BIND 9.11 branch.
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews      Please see the <code class="filename">CHANGES</code> file for a further
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews      list of bug fixes and other changes.
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews    </p>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews  <div class="section">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<div class="titlepage"><div><div><h3 class="title">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<a name="relnotes_download"></a>Download</h3></div></div></div>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      The latest versions of BIND 9 software can always be found at
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews      <a class="link" href="http://www.isc.org/downloads/" target="_top">http://www.isc.org/downloads/</a>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      There you will find additional information about each release,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      source code, and pre-compiled versions for Microsoft Windows
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      operating systems.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_license"></a>License Change</h3></div></div></div>
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      With the release of BIND 9.11.0, ISC changed to the open
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      source license for BIND from the ISC license to the Mozilla
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews      Public License (MPL 2.0).
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      The MPL-2.0 license requires that if you make changes to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      licensed software (e.g. BIND) and distribute them outside
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews      your organization, that you publish those changes under that
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      same license. It does not require that you publish or disclose
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews      anything other than the changes you made to our software.
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews    </p>
71eeac3530eabb7f70f4b6bdba5addb40a5bca27Mark Andrews    <p>
7208386cd37a2092c70eddf80cf29519b16c4c80Mark Andrews      This new requirement will not affect anyone who is using BIND
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      without redistributing it, nor anyone redistributing it without
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      changes, therefore this change will be without consequence
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      for most individuals and organizations who are using BIND.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews    <p>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews      Those unsure whether or not the license change affects their
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      use of BIND, or who wish to discuss how to comply with the
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews      license may contact ISC at <a class="link" href="https://www.isc.org/mission/contact/" target="_top">
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews      https://www.isc.org/mission/contact/</a>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      If a server is configured with a response policy zone (RPZ)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      that rewrites an answer with local data, and is also configured
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      for DNS64 address mapping, a NULL pointer can be read
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      triggering a server crash.  This flaw is disclosed in
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      CVE-2017-3135. [RT #44434]
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      A coding error in the <code class="option">nxdomain-redirect</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      feature could lead to an assertion failure if the redirection
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      namespace was served from a local authoritative data source
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      such as a local zone or a DLZ instead of via recursive
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      lookup. This flaw is disclosed in CVE-2016-9778. [RT #43837]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="command"><strong>named</strong></span> could mishandle authority sections
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      with missing RRSIGs, triggering an assertion failure. This
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      flaw is disclosed in CVE-2016-9444. [RT #43632]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="command"><strong>named</strong></span> mishandled some responses where
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      covering RRSIG records were returned without the requested
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      data, resulting in an assertion failure. This flaw is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      disclosed in CVE-2016-9147. [RT #43548]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="command"><strong>named</strong></span> incorrectly tried to cache TKEY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      records which could trigger an assertion failure when there was
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      a class mismatch. This flaw is disclosed in CVE-2016-9131.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      [RT #43522]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      It was possible to trigger assertions when processing
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      responses containing answers of type DNAME. This flaw is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      disclosed in CVE-2016-8864. [RT #43465]
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews    </p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      </li>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<li class="listitem">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews    <p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      Added the ability to specify the maximum number of records
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      permitted in a zone (<code class="option">max-records #;</code>).
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      This provides a mechanism to block overly large zone
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      transfers, which is a potential risk with slave zones from
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews      other parties, as described in CVE-2016-6170.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      [RT #42143]
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews    </p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      </li>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews</ul></div>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  </div>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      Expanded and improved the YAML output from
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="command"><strong>dnstap-read -y</strong></span>: it now includes packet
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      size and a detailed breakdown of message contents.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      [RT #43622] [RT #43642]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      If an ACL is specified with an address prefix in which the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      prefix length is longer than the address portion (for example,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      192.0.2.1/8), <span class="command"><strong>named</strong></span> will now log a warning.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      In future releases this will be a fatal configuration error.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      [RT #43367]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</ul></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      Named could deadlock there were multiple changes to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      NSEC/NSEC3 parameters for a zone being processed at the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      same time. [RT #42770]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      Named could trigger a assertion when sending notify
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      messages. [RT #44019]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      Referencing a nonexistent zone in a <span class="command"><strong>response-policy</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      statement could cause an assertion failure during configuration.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      [RT #43787]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    <p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      <span class="command"><strong>rndc addzone</strong></span> could cause a crash
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      when attempting to add a zone with a type other than
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      <span class="command"><strong>master</strong></span> or <span class="command"><strong>slave</strong></span>.
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      Such zones are now rejected. [RT #43665]
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    </p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      </li>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<li class="listitem">
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="command"><strong>named</strong></span> could hang when encountering log
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      file names with large apparent gaps in version number (for
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      example, when files exist called "logfile.0", "logfile.1",
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      and "logfile.1482954169").  This is now handled correctly.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      [RT #38688]
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    </p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      </li>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      If a zone was updated while <span class="command"><strong>named</strong></span> was
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      processing a query for nonexistent data, it could return
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      out-of-sync NSEC3 records causing potential DNSSEC validation
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      failure. [RT #43247]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</ul></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_maint"></a>Maintenance</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      The built-in root hints have been updated to include an
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      IPv6 address (2001:500:12::d0d) for G.ROOT-SERVERS.NET.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li></ul></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_misc"></a>Miscellaneous Notes</h3></div></div></div>
bea931e17b7567f09107f93ab7e25c7f00abeb9cMark Andrews    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      Authoritative server support for the EDNS Client Subnet option
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      (ECS), introduced in BIND 9.11.0, was based on an early version
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews      of the specification, and is now known to have incompatibilities
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      with other ECS implementations. It is also inefficient, requiring
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      a separate view for each answer, and is unable to correct for
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      overlapping subnets in the configuration.  It is intended for
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      testing purposes but is not recommended for for production use.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      This was not made sufficiently clear in the documentation at
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      the time of release.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </li></ul></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="end_of_life"></a>End of Life</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    <p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      The end of life for BIND 9.11 is yet to be determined but
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      will not be before BIND 9.13.0 has been released for 6 months.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <a class="link" href="https://www.isc.org/downloads/software-support-policy/" target="_top">https://www.isc.org/downloads/software-support-policy/</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="relnotes_thanks"></a>Thank You</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    <p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      Thank you to everyone who assisted us in making this release possible.
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      If you would like to contribute to ISC to assist us in continuing to
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      make quality open source software, please visit our donations page at
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews      <a class="link" href="http://www.isc.org/donate/" target="_top">http://www.isc.org/donate/</a>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navfooter">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation footer">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="Bv9ARM.ch08.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center">�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right">�<a accesskey="n" href="Bv9ARM.ch10.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="left" valign="top">Chapter�8.�Troubleshooting�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right" valign="top">�Appendix�B.�A Brief History of the <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</table>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.1b1</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</body>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</html>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein