"buster" jobs are now only going to be run in scheduled pipelines.
"--without-gssapi" ./configure option of "bullseye" before it became the base image is dropped from "bullseye"-the-base-image because it reduces gcov coverage by 0.38 % (651 lines) and is used in Debian 9 "stretch".
"--enable-openssl-hash" is on purpose not being tested because it fails linking when either of --with-ecdsa, --with-gost, --with-eddsa, or --with-aes is used as well because it can't find f.e. HMAC_CTX_new() as "-lcrypto" is missing:
/usr/bin/ld: ../../lib/isc/libisc.a(hmacmd5.o): in function `isc_hmacmd5_init': /root/bind9/lib/isc/hmacmd5.c:49: undefined reference to `HMAC_CTX_new' /usr/bin/ld: /root/bind9/lib/isc/hmacmd5.c:51: undefined reference to `EVP_md5' /usr/bin/ld: /root/bind9/lib/isc/hmacmd5.c:51: undefined reference to `HMAC_Init_ex'
BIND 9.11 is in security-fixes-only-mode and configure.ac code should not be fixed to include "-lcrypto" in this corner case; better eliminate a pairwise hint.