Commit a6a532a0 authored by Mark Andrews's avatar Mark Andrews
Browse files

Merge branch 'marka-split-notes-v9_11' into 'v9_11'

split notes.xml into sections v9_11

See merge request !2328
parents 4db05271 c7209b6c
......@@ -19,6 +19,10 @@ TXTOBJS = notes.txt
PDFOBJS = Bv9ARM.pdf notes.pdf
NOTESXML = notes-bug-fixes.xml notes-download.xml notes-eol.xml \
notes-intro.xml notes-license.xml notes-new-features.xml \
notes-sec-fixes.xml notes-thankyou.xml notes.xml
doc man:: ${MANOBJS} ${TXTOBJS} ${PDFOBJS}
clean::
......@@ -36,11 +40,11 @@ maintainer-clean distclean::
rm -f noteversion.xml
# use xmllint to process include
notes.html: notes-wrapper.xml notes.xml releaseinfo.xml pkgversion.xml noteversion.xml
notes.html: notes-wrapper.xml ${NOTESXML} releaseinfo.xml pkgversion.xml noteversion.xml
expand notes-wrapper.xml | ${XMLLINT} --xinclude - | \
${XSLTPROC} --stringparam generate.toc "" ../xsl/isc-notes-html.xsl - > notes.html
notes.pdf: notes-wrapper.xml notes.xml releaseinfo.xml pkgversion.xml noteversion.xml
notes.pdf: notes-wrapper.xml ${NOTESXML} releaseinfo.xml pkgversion.xml noteversion.xml
${XSLTPROC} ${top_srcdir}/doc/xsl/pre-latex.xsl notes-wrapper.xml | \
${DBLATEX} -c notes.conf -Pdoc.layout="mainmatter" -o notes.pdf -
......@@ -50,17 +54,17 @@ notes.txt: notes.html
sed -e :a -e '/^\n*$$/{$$d;N;};/\n$$/ba' > notes.txt
# use xmllint to process include
Bv9ARM.html: Bv9ARM-book.xml releaseinfo.xml pkgversion.xml noteversion.xml
Bv9ARM.html: Bv9ARM-book.xml ${NOTESXML} releaseinfo.xml pkgversion.xml noteversion.xml
expand Bv9ARM-book.xml | ${XMLLINT} --xinclude - | \
${XSLTPROC} --stringparam root.filename Bv9ARM \
${top_srcdir}/doc/xsl/isc-docbook-chunk.xsl -
# use xmllint to process include
Bv9ARM-all.html: Bv9ARM-book.xml releaseinfo.xml pkgversion.xml noteversion.xml
Bv9ARM-all.html: Bv9ARM-book.xml ${NOTESXML} releaseinfo.xml pkgversion.xml noteversion.xml
expand Bv9ARM-book.xml | ${XMLLINT} --xinclude - |\
${XSLTPROC} -o Bv9ARM-all.html ../xsl/isc-docbook-html.xsl -
Bv9ARM.pdf: Bv9ARM-book.xml releaseinfo.xml pkgversion.xml noteversion.xml
Bv9ARM.pdf: Bv9ARM-book.xml ${NOTESXML} releaseinfo.xml pkgversion.xml noteversion.xml
expand Bv9ARM-book.xml | \
${XSLTPROC} ${top_srcdir}/doc/xsl/pre-latex.xsl - | \
${DBLATEX} -c Bv9ARM.conf -o Bv9ARM.pdf -
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_bugs"><info><title>Bug Fixes</title></info>
<itemizedlist>
<listitem>
<para>
Glue address records were not being returned in responses
to root priming queries; this has been corrected. [GL #1092]
</para>
</listitem>
<listitem>
<para>
Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
cause unexpected results; this has been fixed. [GL #1106]
</para>
</listitem>
<listitem>
<para>
<command>named-checkconf</command> now checks DNS64 prefixes
to ensure bits 64-71 are zero. [GL #1159]
</para>
</listitem>
<listitem>
<para>
<command>named-checkconf</command> could crash during
configuration if configured to use "geoip continent" ACLs with
legacy GeoIP. [GL #1163]
</para>
</listitem>
<listitem>
<para>
<command>named-checkconf</command> now correctly reports a missing
<command>dnstap-output</command> option when
<command>dnstap</command> is set. [GL #1136]
</para>
</listitem>
<listitem>
<para>
Handle ETIMEDOUT error on connect() with a non-blocking
socket. [GL #1133]
</para>
</listitem>
</itemizedlist>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_download"><info><title>Download</title></info>
<para>
The latest versions of BIND 9 software can always be found at
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.isc.org/downloads/">http://www.isc.org/downloads/</link>.
There you will find additional information about each release,
source code, and pre-compiled versions for Microsoft Windows
operating systems.
</para>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="end_of_life"><info><title>End of Life</title></info>
<para>
BIND 9.11 (Extended Support Version) will be supported until at
least December, 2021. See
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://www.isc.org/downloads/software-support-policy/">https://www.isc.org/downloads/software-support-policy/</link>
for details of ISC's software support policy.
</para>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_intro"><info><title>Introduction</title></info>
<para>
BIND 9.11 (Extended Support Version) is a stable branch of BIND.
This document summarizes significant changes since the last
production release on that branch.
</para>
<para>
Please see the file <filename>CHANGES</filename> for a more
detailed list of changes and bug fixes.
</para>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_license"><info><title>License Change</title></info>
<para>
With the release of BIND 9.11.0, ISC changed to the open
source license for BIND from the ISC license to the Mozilla
Public License (MPL 2.0).
</para>
<para>
The MPL-2.0 license requires that if you make changes to
licensed software (e.g. BIND) and distribute them outside
your organization, that you publish those changes under that
same license. It does not require that you publish or disclose
anything other than the changes you made to our software.
</para>
<para>
This requirement will not affect anyone who is using BIND, with
or without modifications, without redistributing it, nor anyone
redistributing it without changes. Therefore, this change will be
without consequence for most individuals and organizations who are
using BIND.
</para>
<para>
Those unsure whether or not the license change affects their
use of BIND, or who wish to discuss how to comply with the
license may contact ISC at <link
xmlns:xlink="http://www.w3.org/1999/xlink"
xlink:href="https://www.isc.org/mission/contact/">
https://www.isc.org/mission/contact/</link>.
</para>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_features"><info><title>New Features</title></info>
<itemizedlist>
<listitem>
<para>
The new GeoIP2 API from MaxMind is now supported when BIND
is compiled using <command>configure --with-geoip2</command>.
The legacy GeoIP API can be used by compiling with
<command>configure --with-geoip</command> instead. (Note that
the databases for the legacy API are no longer maintained by
MaxMind.)
</para>
<para>
The default path to the GeoIP2 databases will be set based
on the location of the <command>libmaxminddb</command> library;
for example, if it is in <filename>/usr/local/lib</filename>,
then the default path will be
<filename>/usr/local/share/GeoIP</filename>.
This value can be overridden in <filename>named.conf</filename>
using the <command>geoip-directory</command> option.
</para>
<para>
Some <command>geoip</command> ACL settings that were available with
legacy GeoIP, including searches for <command>netspeed</command>,
<command>org</command>, and three-letter ISO country codes, will
no longer work when using GeoIP2. Supported GeoIP2 database
types are <command>country</command>, <command>city</command>,
<command>domain</command>, <command>isp</command>, and
<command>as</command>. All of the databases support both IPv4
and IPv6 lookups. [GL #182]
</para>
</listitem>
<listitem>
<para>
A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added.
[GL #605]
</para>
<para>
If you are running multiple DNS Servers (different versions of BIND 9
or DNS server from multiple vendors) responding from the same IP
address (anycast or load-balancing scenarios), you'll have to make
sure that all the servers are configured with the same DNS Cookie
algorithm and same Server Secret for the best performance.
</para>
</listitem>
<listitem>
<para>
DS records included in DNS referral messages can now be validated
and cached immediately, reducing the number of queries needed for
a DNSSEC validation. [GL #964]
</para>
</listitem>
</itemizedlist>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
<itemizedlist>
<listitem>
<para>
A race condition could trigger an assertion failure when
a large number of incoming packets were being rejected.
This flaw is disclosed in CVE-2019-6471. [GL #942]
</para>
</listitem>
</itemizedlist>
</section>
<!--
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- See the COPYRIGHT file distributed with this work for additional
- information regarding copyright ownership.
-->
<section xml:id="relnotes_thanks"><info><title>Thank You</title></info>
<para>
Thank you to everyone who assisted us in making this release possible.
If you would like to contribute to ISC to assist us in continuing to
make quality open source software, please visit our donations page at
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.isc.org/donate/">http://www.isc.org/donate/</link>.
</para>
</section>
......@@ -17,181 +17,12 @@
<section xmlns:db="http://docbook.org/ns/docbook" version="5.0"><info/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="noteversion.xml"/>
<section xml:id="relnotes_intro"><info><title>Introduction</title></info>
<para>
BIND 9.11 (Extended Support Version) is a stable branch of BIND.
This document summarizes significant changes since the last
production release on that branch.
</para>
<para>
Please see the file <filename>CHANGES</filename> for a more
detailed list of changes and bug fixes.
</para>
</section>
<section xml:id="relnotes_download"><info><title>Download</title></info>
<para>
The latest versions of BIND 9 software can always be found at
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.isc.org/downloads/">http://www.isc.org/downloads/</link>.
There you will find additional information about each release,
source code, and pre-compiled versions for Microsoft Windows
operating systems.
</para>
</section>
<section xml:id="relnotes_license"><info><title>License Change</title></info>
<para>
With the release of BIND 9.11.0, ISC changed to the open
source license for BIND from the ISC license to the Mozilla
Public License (MPL 2.0).
</para>
<para>
The MPL-2.0 license requires that if you make changes to
licensed software (e.g. BIND) and distribute them outside
your organization, that you publish those changes under that
same license. It does not require that you publish or disclose
anything other than the changes you made to our software.
</para>
<para>
This requirement will not affect anyone who is using BIND, with
or without modifications, without redistributing it, nor anyone
redistributing it without changes. Therefore, this change will be
without consequence for most individuals and organizations who are
using BIND.
</para>
<para>
Those unsure whether or not the license change affects their
use of BIND, or who wish to discuss how to comply with the
license may contact ISC at <link
xmlns:xlink="http://www.w3.org/1999/xlink"
xlink:href="https://www.isc.org/mission/contact/">
https://www.isc.org/mission/contact/</link>.
</para>
</section>
<section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
<itemizedlist>
<listitem>
<para>
A race condition could trigger an assertion failure when
a large number of incoming packets were being rejected.
This flaw is disclosed in CVE-2019-6471. [GL #942]
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="relnotes_features"><info><title>New Features</title></info>
<itemizedlist>
<listitem>
<para>
The new GeoIP2 API from MaxMind is now supported when BIND
is compiled using <command>configure --with-geoip2</command>.
The legacy GeoIP API can be used by compiling with
<command>configure --with-geoip</command> instead. (Note that
the databases for the legacy API are no longer maintained by
MaxMind.)
</para>
<para>
The default path to the GeoIP2 databases will be set based
on the location of the <command>libmaxminddb</command> library;
for example, if it is in <filename>/usr/local/lib</filename>,
then the default path will be
<filename>/usr/local/share/GeoIP</filename>.
This value can be overridden in <filename>named.conf</filename>
using the <command>geoip-directory</command> option.
</para>
<para>
Some <command>geoip</command> ACL settings that were available with
legacy GeoIP, including searches for <command>netspeed</command>,
<command>org</command>, and three-letter ISO country codes, will
no longer work when using GeoIP2. Supported GeoIP2 database
types are <command>country</command>, <command>city</command>,
<command>domain</command>, <command>isp</command>, and
<command>as</command>. All of the databases support both IPv4
and IPv6 lookups. [GL #182]
</para>
</listitem>
<listitem>
<para>
A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added.
[GL #605]
</para>
<para>
If you are running multiple DNS Servers (different versions of BIND 9
or DNS server from multiple vendors) responding from the same IP
address (anycast or load-balancing scenarios), you'll have to make
sure that all the servers are configured with the same DNS Cookie
algorithm and same Server Secret for the best performance.
</para>
</listitem>
<listitem>
<para>
DS records included in DNS referral messages can now be validated
and cached immediately, reducing the number of queries needed for
a DNSSEC validation. [GL #964]
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="relnotes_bugs"><info><title>Bug Fixes</title></info>
<itemizedlist>
<listitem>
<para>
Glue address records were not being returned in responses
to root priming queries; this has been corrected. [GL #1092]
</para>
</listitem>
<listitem>
<para>
Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
cause unexpected results; this has been fixed. [GL #1106]
</para>
</listitem>
<listitem>
<para>
<command>named-checkconf</command> now checks DNS64 prefixes
to ensure bits 64-71 are zero. [GL #1159]
</para>
</listitem>
<listitem>
<para>
<command>named-checkconf</command> could crash during
configuration if configured to use "geoip continent" ACLs with
legacy GeoIP. [GL #1163]
</para>
</listitem>
<listitem>
<para>
<command>named-checkconf</command> now correctly reports missing
<command>dnstap-output</command> option when
<command>dnstap</command> is set. [GL #1136]
</para>
</listitem>
<listitem>
<para>
Handle ETIMEDOUT error on connect() with a non-blocking
socket. [GL #1133]
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="end_of_life"><info><title>End of Life</title></info>
<para>
BIND 9.11 (Extended Support Version) will be supported until at
least December, 2021.
See <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://www.isc.org/downloads/software-support-policy/">https://www.isc.org/downloads/software-support-policy/</link> for details of ISC's software support policy.
</para>
</section>
<section xml:id="relnotes_thanks"><info><title>Thank You</title></info>
<para>
Thank you to everyone who assisted us in making this release possible.
If you would like to contribute to ISC to assist us in continuing to
make quality open source software, please visit our donations page at
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.isc.org/donate/">http://www.isc.org/donate/</link>.
</para>
</section>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-intro.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-download.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-license.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-sec-fixes.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-new-features.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-bug-fixes.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-eol.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="notes-thankyou.xml"/>
</section>
......@@ -3203,6 +3203,14 @@
./doc/arm/managed-keys.xml SGML 2010,2014,2015,2016,2017,2018,2019
./doc/arm/master.zoneopt.xml SGML 2018,2019
./doc/arm/masters.grammar.xml SGML 2018,2019
./doc/arm/notes-bug-fixes.xml SGML 2019
./doc/arm/notes-download.xml SGML 2019
./doc/arm/notes-eol.xml SGML 2019
./doc/arm/notes-intro.xml SGML 2019
./doc/arm/notes-license.xml SGML 2019
./doc/arm/notes-new-features.xml SGML 2019
./doc/arm/notes-sec-fixes.xml SGML 2019
./doc/arm/notes-thankyou.xml SGML 2019
./doc/arm/notes-wrapper.xml SGML 2014,2015,2016,2018,2019
./doc/arm/notes.conf X 2015,2018,2019
./doc/arm/notes.html X 2014,2015,2016,2017,2018,2019
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment