diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index c50739fb2a..2cbfca5e83 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -56,44 +56,6 @@
lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]
-
-
- An incorrect boundary check in the OPENPGPKEY rdatatype
- could trigger an assertion failure. This flaw is disclosed
- in CVE-2015-5986. [RT #40286]
-
-
-
-
- A buffer accounting error could trigger an assertion failure
- when parsing certain malformed DNSSEC keys.
-
-
- This flaw was discovered by Hanno Böck of the Fuzzing
- Project, and is disclosed in CVE-2015-5722. [RT #40212]
-
-
-
-
- A specially crafted query could trigger an assertion failure
- in message.c.
-
-
- This flaw was discovered by Jonathan Foote, and is disclosed
- in CVE-2015-5477. [RT #40046]
-
-
-
-
- On servers configured to perform DNSSEC validation, an
- assertion failure could be triggered on answers from
- a specially configured server.
-
-
- This flaw was discovered by Breno Silveira Soares, and is
- disclosed in CVE-2015-4620. [RT #39795]
-
-
Specific APL data could trigger an INSIST. This flaw
@@ -106,68 +68,12 @@
New Features
-
-
- New quotas have been added to limit the queries that are
- sent by recursive resolvers to authoritative servers
- experiencing denial-of-service attacks. When configured,
- these options can both reduce the harm done to authoritative
- servers and also avoid the resource exhaustion that can be
- experienced by recursives when they are being used as a
- vehicle for such an attack.
-
-
- NOTE: These options are not available by default; use
- configure --enable-fetchlimit to include
- them in the build.
-
-
-
-
- limits the number of
- simultaneous queries that can be sent to any single
- authoritative server. The configured value is a starting
- point; it is automatically adjusted downward if the server is
- partially or completely non-responsive. The algorithm used to
- adjust the quota can be configured via the
- option.
-
-
-
-
- limits the number of
- simultaneous queries that can be sent for names within a
- single domain. (Note: Unlike "fetches-per-server", this
- value is not self-tuning.)
-
-
-
-
- Statistics counters have also been added to track the number
- of queries affected by these quotas.
-
-
-
-
- An --enable-querytrace configure switch is
- now available to enable very verbose query tracelogging. This
- option can only be set at compile time. This option has a
- negative performance impact and should be used only for
- debugging. [RT #37520]
-
-
The following types have been implemented: CSYNC, NINFO, RKEY,
SINK, TA, TALINK.
-
-
-
-
- EDNS COOKIE options content is now displayed as
- "COOKIE: <hexvalue>".
-
-
+
+ Feature Changes
@@ -178,40 +84,10 @@
Updated the compiled in addresses for H.ROOT-SERVERS.NET.
-
-
- Large inline-signing changes should be less disruptive.
- Signature generation is now done incrementally; the number
- of signatures to be generated in each quantum is controlled
- by "sig-signing-signatures number;".
- [RT #37927]
-
-
-
-
- Retrieving the local port range from net.ipv4.ip_local_port_range
- on Linux is now supported.
-
-
-
-
- Active Directory names of the form gc._msdcs.<forest> are
- now accepted as valid hostnames when using the
- option. <forest> is still
- restricted to letters, digits and hyphens.
-
-
-
-
- Names containing rich text are now accepted as valid
- hostnames in PTR records in DNS-SD reverse lookup zones,
- as specified in RFC 6763. [RT #37889]
-
-
The default preferred glue is now the address type of the
- transport the query was received over.
+ transport the query was received over.
@@ -229,71 +105,14 @@
- Porting Changes
-
-
-
-
- The Microsoft Windows install tool
- BINDInstall.exe which requires a
- non-free version of Visual Studio to be built, now uses two
- files (lists of flags and files) created by the Configure
- perl script with all the needed information which were
- previously compiled in the binary. Read
- win32utils/build.txt for more details.
- [RT #38915]
-
-
-
- Bug Fixes
-
- Asynchronous zone loads were not handled correctly when the
- zone load was already in progress; this could trigger a crash
- in zt.c. [RT #37573]
+
+ None.
-
-
- A race during shutdown or reconfiguration could
- cause an assertion failure in mem.c. [RT #38979]
-
-
-
-
- Some answer formatting options didn't work correctly with
- dig +short. [RT #39291]
-
-
-
-
- Malformed records of some types, including NSAP and UNSPEC,
- could trigger assertion failures when loading text zone files.
- [RT #40274] [RT #40285]
-
-
-
-
- Fixed a possible crash in ratelimiter.c caused by NOTIFY
- messages being removed from the wrong rate limiter queue.
- [RT #40350]
-
-
-
-
- The default of random
- was inconsistently applied. [RT #40456]
-
-
-
-
- BADVERS responses from broken authoritative name servers were
- not handled correctly. [RT #40427]
-
- End of Life