Merge branch 'michal/prepare-documentation-for-bind-9.19.3' into 'v9_19_3-release'

Prepare documentation for BIND 9.19.3 See merge request isc-private/bind9!412
2026-06-11 11:40:00 -04:00 · 2022-07-07 13:19:36 +00:00 · 2022-07-07 13:19:36 +00:00 · bbc3fa284a
commit bbc3fa284a
parent d862879fba 61f183af3d
3 changed files with 71 additions and 63 deletions
--- a/doc/arm/notes.rst
+++ b/doc/arm/notes.rst
@ -36,7 +36,7 @@ The latest versions of BIND 9 software can always be found at
 https://www.isc.org/download/. There you will find additional
 information about each release, and source code.

-.. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.19.3.rst
 .. include:: ../notes/notes-9.19.2.rst
 .. include:: ../notes/notes-9.19.1.rst
 .. include:: ../notes/notes-9.19.0.rst
--- a/doc/notes/notes-9.19.3.rst
+++ b/doc/notes/notes-9.19.3.rst
@ -0,0 +1,70 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+Notes for BIND 9.19.3
+---------------------
+
+New Features
+~~~~~~~~~~~~
+
+- A new command, :option:`rndc fetchlimit`, prints a list of name server
+  addresses that are currently rate-limited due to
+  :any:`fetches-per-server` and domain names that are rate-limited due
+  to :any:`fetches-per-zone`. :gl:`#665`
+
+Removed Features
+~~~~~~~~~~~~~~~~
+
+- The ``glue-cache`` *option* has been removed. The glue cache *feature*
+  still works and is now permanently *enabled*. :gl:`#2147`
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- To reduce unnecessary memory consumption in the cache, NXDOMAIN
+  records are no longer retained past the normal negative cache TTL,
+  even if :any:`stale-cache-enable` is set to ``yes``. :gl:`#3386`
+
+- The :option:`dnssec-signzone -H` default value has been changed to 0
+  additional NSEC3 iterations. This change aligns the
+  :iscman:`dnssec-signzone` default with the default used by the
+  :any:`dnssec-policy` feature. At the same
+  time, documentation about NSEC3 has been aligned with the `Best
+  Current Practice`_. :gl:`#3395`
+
+.. _Best Current Practice: https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-nsec3-guidance-10
+
+Bug Fixes
+~~~~~~~~~
+
+- An assertion failure caused by a TCP connection closing between a
+  connect (or accept) and a read from a socket has been fixed.
+  :gl:`#3400`
+
+- When grafting non-delegated namespace onto delegated namespace,
+  :any:`synth-from-dnssec` could incorrectly synthesize non-existence of
+  records within the non-delegated namespace using NSEC records from
+  higher zones. :gl:`#3402`
+
+- Previously, :iscman:`named` immediately returned a SERVFAIL response
+  to the client when it received a FORMERR response from an
+  authoritative server during recursive resolution. This has been fixed:
+  :iscman:`named` acting as a resolver now attempts to contact other
+  authoritative servers for a given domain when it receives a FORMERR
+  response from one of them. :gl:`#3152`
+
+- Previously, :option:`rndc reconfig` did not pick up changes to
+  :any:`endpoints` statements in :any:`http` blocks. This has been
+  fixed. :gl:`#3415`
+
+- It was possible for a catalog zone consumer to process a catalog zone
+  member zone when there was a configured pre-existing forward-only
+  forward zone with the same name. This has been fixed. :gl:`#2506`
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@ -1,62 +0,0 @@
-.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-..
-.. SPDX-License-Identifier: MPL-2.0
-..
-.. This Source Code Form is subject to the terms of the Mozilla Public
-.. License, v. 2.0.  If a copy of the MPL was not distributed with this
-.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
-..
-.. See the COPYRIGHT file distributed with this work for additional
-.. information regarding copyright ownership.
-
-Notes for BIND 9.19.3
---------------------
-
-Security Fixes
-~~~~~~~~~~~~~~
-
- None.
-
-Known Issues
-~~~~~~~~~~~~
-
- None.
-
-New Features
-~~~~~~~~~~~~
-
- The new ``rndc fetchlimit`` command prints a list of name server
-  addresses that are currently rate-limited due to ``fetches-per-server``
-  and domain names that are rate limited due to ``fetches-per-zone``.
-  :gl:`#665`
-
-Removed Features
-~~~~~~~~~~~~~~~~
-
- The ``glue-cache`` *option* has been removed. The glue cache *feature*
-  still works and is now permanently *enabled*. :gl:`#2147`
-
-Feature Changes
-~~~~~~~~~~~~~~~
-
- The :option:`dnssec-signzone -H` default value has been changed to 0 additional
-  NSEC3 iterations. This change aligns the :iscman:`dnssec-signzone` default with
-  the default used by the :ref:`dnssec-policy <dnssec_policy_grammar>` feature.
-  At the same time, documentation about NSEC3 has been aligned with
-  `Best Current Practice
-  <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-nsec3-guidance-10>`__.
-  :gl:`#3395`
-
-Bug Fixes
-~~~~~~~~~
-
- It was possible for a catalog zone consumer to process a catalog zone member
-  zone when there was a configured pre-existing forward-only forward zone with
-  the same name. This has been fixed. :gl:`#2506`.
-
- Fix the assertion failure caused by TCP connection closing between the
-  connect (or accept) and the read from the socket. :gl:`#3400`
-
- When grafting on non-delegated namespace, synth-from-dnssec could incorrectly
-  synthesise non-existance of records within the grafted in namespace using
-  NSEC records from higher zones. :gl:`#3402`