diff --git a/README b/README
index 5c3e78f56b..40cca3dea6 100644
--- a/README
+++ b/README
@@ -110,6 +110,7 @@ of changes from BIND 9.14 and earlier releases. New features include:
 
   * Support for the new GeoIP2 geolocation API
   * Improved DNSSEC key configuration using dnssec-keys
+  * YAML output for dig, mdig, and delv.
 
 Building BIND
 
diff --git a/bin/delv/delv.1 b/bin/delv/delv.1
index 14ed98d2a9..48b298a7a7 100644
--- a/bin/delv/delv.1
+++ b/bin/delv/delv.1
@@ -409,6 +409,11 @@ Controls whether to use TCP when sending queries\&. The default is to use UDP un
 .RS 4
 Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&.
 .RE
+.PP
+\fB+[no]yaml\fR
+.RS 4
+Print response data in YAML format\&.
+.RE
 .SH "FILES"
 .PP
 /etc/bind\&.keys
diff --git a/bin/delv/delv.html b/bin/delv/delv.html
index 2c00605c63..7ba08add2a 100644
--- a/bin/delv/delv.html
+++ b/bin/delv/delv.html
@@ -548,6 +548,12 @@
 	      in the type's presentation format.
 	    </p>
 	  </dd>
+<dt><span class="term"><code class="option">+[no]yaml</code></span></dt>
+<dd>
+	    <p>
+	      Print response data in YAML format.
+	    </p>
+	  </dd>
 </dl></div>
 <p>
 
diff --git a/bin/dig/dig.1 b/bin/dig/dig.1
index c17d9a6559..edcc350c98 100644
--- a/bin/dig/dig.1
+++ b/bin/dig/dig.1
@@ -744,6 +744,13 @@ Display [do not display] the TTL when printing the record\&.
 Display [do not display] the TTL in friendly human\-readable time units of "s", "m", "h", "d", and "w", representing seconds, minutes, hours, days and weeks\&. Implies +ttlid\&.
 .RE
 .PP
+\fB+[no]unexpected\fR
+.RS 4
+Accept [do not accept] answers from unexpected sources\&. By default,
+\fBdig\fR
+won\*(Aqt accept a reply from a source other than the one to which it sent the query\&.
+.RE
+.PP
 \fB+[no]unknownformat\fR
 .RS 4
 Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&.
@@ -756,6 +763,13 @@ Use [do not use] TCP when querying name servers\&. This alternate syntax to
 is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&.
 .RE
 .PP
+\fB+[no]yaml\fR
+.RS 4
+Print the responses (and, if
+\fB+qr\fR
+is in use, also the outgoing queries) in a detailed YAML format\&.
+.RE
+.PP
 \fB+[no]zflag\fR
 .RS 4
 Set [do not set] the last unassigned DNS header flag in a DNS query\&. This flag is off by default\&.
diff --git a/bin/dig/dig.html b/bin/dig/dig.html
index a078616f01..2d329cee93 100644
--- a/bin/dig/dig.html
+++ b/bin/dig/dig.html
@@ -1000,6 +1000,14 @@
 	      seconds, minutes, hours, days and weeks.  Implies +ttlid.
 	    </p>
 	  </dd>
+<dt><span class="term"><code class="option">+[no]unexpected</code></span></dt>
+<dd>
+	    <p>
+	      Accept [do not accept] answers from unexpected sources.  By
+	      default, <span class="command"><strong>dig</strong></span> won't accept a reply from a
+	      source other than the one to which it sent the query.
+	    </p>
+	  </dd>
 <dt><span class="term"><code class="option">+[no]unknownformat</code></span></dt>
 <dd>
 	    <p>
@@ -1017,6 +1025,13 @@
 	      stands for "virtual circuit".
 	    </p>
 	  </dd>
+<dt><span class="term"><code class="option">+[no]yaml</code></span></dt>
+<dd>
+	    <p>
+	      Print the responses (and, if <code class="option">+qr</code> is in use,
+	      also the outgoing queries) in a detailed YAML format.
+	    </p>
+	  </dd>
 <dt><span class="term"><code class="option">+[no]zflag</code></span></dt>
 <dd>
 	    <p>
diff --git a/bin/tools/mdig.1 b/bin/tools/mdig.1
index 7829d9ceea..9cae8eb871 100644
--- a/bin/tools/mdig.1
+++ b/bin/tools/mdig.1
@@ -233,6 +233,11 @@ Use [do not use] TCP when querying name servers\&. This alternate syntax to
 \fI+[no]tcp\fR
 is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&.
 .RE
+.PP
+\fB+[no]yaml\fR
+.RS 4
+Print the responses in a detailed YAML format\&.
+.RE
 .SH "LOCAL OPTIONS"
 .PP
 The
diff --git a/bin/tools/mdig.html b/bin/tools/mdig.html
index 1a617c4688..cc258041c0 100644
--- a/bin/tools/mdig.html
+++ b/bin/tools/mdig.html
@@ -333,6 +333,12 @@
               stands for "virtual circuit".
             </p>
           </dd>
+<dt><span class="term"><code class="option">+[no]yaml</code></span></dt>
+<dd>
+	    <p>
+	      Print the responses in a detailed YAML format.
+	    </p>
+	  </dd>
 </dl></div>
 <p>
 
diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html
index 4a6d9086fb..f51222702c 100644
--- a/doc/arm/Bv9ARM.html
+++ b/doc/arm/Bv9ARM.html
@@ -32,7 +32,7 @@
 <div>
 <div><h1 class="title">
 <a name="id-1"></a>BIND 9 Administrator Reference Manual</h1></div>
-<div><p class="releaseinfo">BIND Version 9.15.3</p></div>
+<div><p class="releaseinfo">BIND Version 9.15.4</p></div>
 <div><p class="copyright">Copyright © 2000-2019 Internet Systems Consortium, Inc. ("ISC")</p></div>
 </div>
 <hr>
@@ -245,7 +245,7 @@
 </dl></dd>
 <dt><span class="appendix"><a href="Bv9ARM.ch08.html">A. Release Notes</a></span></dt>
 <dd><dl>
-<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.15.3</a></span></dt>
+<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.15.4</a></span></dt>
 <dd><dl>
 <dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
 <dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
@@ -443,6 +443,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.15.3 (Development Release)</p>
+<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.15.4 (Development Release)</p>
 </body>
 </html>
diff --git a/doc/arm/Bv9ARM.pdf b/doc/arm/Bv9ARM.pdf
index 596f06cbaa..66c3639350 100644
Binary files a/doc/arm/Bv9ARM.pdf and b/doc/arm/Bv9ARM.pdf differ
diff --git a/doc/arm/notes.html b/doc/arm/notes.html
index 6e6493cbf0..657821f602 100644
--- a/doc/arm/notes.html
+++ b/doc/arm/notes.html
@@ -15,7 +15,7 @@
 
   <div class="section">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id-1.2"></a>Release Notes for BIND Version 9.15.3</h2></div></div></div>
+<a name="id-1.2"></a>Release Notes for BIND Version 9.15.4</h2></div></div></div>
   
   <div class="section">
 <div class="titlepage"><div><div><h3 class="title">
@@ -123,6 +123,15 @@
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_features"></a>New Features</h3></div></div></div>
     <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
+	<p>
+          Added a new command line option to <span class="command"><strong>dig</strong></span>:
+	  <span style="color: red">&lt;comand&gt;+[no]unexpected&lt;/comand&gt;</span>. By default, <span class="command"><strong>dig</strong></span>
+	  won't accept a reply from a source other than the one to which
+	  it sent the query.  Add the <span class="command"><strong>+unexpected</strong></span> argument
+	  to enable it to process replies from unexpected sources.
+        </p>
+      </li>
 <li class="listitem">
 	<p>
 	  The GeoIP2 API from MaxMind is now supported. Geolocation support
@@ -196,9 +205,16 @@
       </li>
 <li class="listitem">
 	<p>
-	Statistics channel groups are now toggleable. [GL #1030]
+	  Statistics channel groups are now toggleable. [GL #1030]
 	</p>
       </li>
+<li class="listitem">
+	<p>
+	  <span class="command"><strong>dig</strong></span>, <span class="command"><strong>mdig</strong></span> and
+	  <span class="command"><strong>delv</strong></span> can all now take a <span class="command"><strong>+yaml</strong></span>
+	  option to print output in a a detailed YAML format. [RT #1145]
+        </p>
+      </li>
 </ul></div>
   </div>
 
@@ -288,7 +304,7 @@
 	  A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and
 	  made default.  Old non-default HMAC-SHA based DNS Cookie algorithms
 	  have been removed, and only the default AES algorithm is being kept
-	  for legacy reasons.  This changes doesn't have any operational impact
+	  for legacy reasons.  This change doesn't have any operational impact
 	  in most common scenarios. [GL #605]
 	</p>
 	<p>
@@ -386,8 +402,8 @@
       </li>
 <li class="listitem">
 	<p>
-	  <span class="command"><strong>named-checkconf</strong></span> now correctly reports missing
-	  <span class="command"><strong>dnstap-output</strong></span> option when
+	  <span class="command"><strong>named-checkconf</strong></span> now correctly reports
+	  a missing <span class="command"><strong>dnstap-output</strong></span> option when
 	  <span class="command"><strong>dnstap</strong></span> is set. [GL #1136]
 	</p>
       </li>
@@ -403,6 +419,13 @@
 	  when run with <span class="command"><strong>+expandaaaa +short</strong></span>. [GL #1152]
 	</p>
       </li>
+<li class="listitem">
+	<p>
+	  When a <span class="command"><strong>response-policy</strong></span> zone expires, ensure
+	  that its policies are removed from the RPZ summary database.
+	  [GL #1146]
+	</p>
+      </li>
 </ul></div>
   </div>
 
diff --git a/doc/arm/notes.pdf b/doc/arm/notes.pdf
index c2090f9e10..d6d1fc3327 100644
Binary files a/doc/arm/notes.pdf and b/doc/arm/notes.pdf differ
diff --git a/doc/arm/notes.txt b/doc/arm/notes.txt
index 896a7ad646..81fd325693 100644
--- a/doc/arm/notes.txt
+++ b/doc/arm/notes.txt
@@ -1,4 +1,4 @@
-Release Notes for BIND Version 9.15.3
+Release Notes for BIND Version 9.15.4
 
 Introduction
 
@@ -65,6 +65,11 @@ Security Fixes
 
 New Features
 
+  * Added a new command line option to dig: <comand>+[no]unexpected</
+    comand>. By default, dig won't accept a reply from a source other than
+    the one to which it sent the query. Add the +unexpected argument to
+    enable it to process replies from unexpected sources.
+
   * The GeoIP2 API from MaxMind is now supported. Geolocation support will
     be compiled in by default if the libmaxminddb library is found at
     compile time, but can be turned off by using configure --disable-geoip
@@ -109,6 +114,9 @@ New Features
 
   * Statistics channel groups are now toggleable. [GL #1030]
 
+  * dig, mdig and delv can all now take a +yaml option to print output in
+    a a detailed YAML format. [RT #1145]
+
 Removed Features
 
   * The dnssec-enable option has been obsoleted and no longer has any
@@ -153,8 +161,8 @@ Feature Changes
   * A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and
     made default. Old non-default HMAC-SHA based DNS Cookie algorithms
     have been removed, and only the default AES algorithm is being kept
-    for legacy reasons. This changes doesn't have any operational impact
-    in most common scenarios. [GL #605]
+    for legacy reasons. This change doesn't have any operational impact in
+    most common scenarios. [GL #605]
 
     If you are running multiple DNS Servers (different versions of BIND 9
     or DNS server from multiple vendors) responding from the same IP
@@ -207,7 +215,7 @@ Bug Fixes
   * named-checkconf now checks DNS64 prefixes to ensure bits 64-71 are
     zero. [GL #1159]
 
-  * named-checkconf now correctly reports missing dnstap-output option
+  * named-checkconf now correctly reports a missing dnstap-output option
     when dnstap is set. [GL #1136]
 
   * Handle ETIMEDOUT error on connect() with a non-blocking socket. [GL #
@@ -216,6 +224,9 @@ Bug Fixes
   * dig now correctly expands the IPv6 address when run with +expandaaaa
     +short. [GL #1152]
 
+  * When a response-policy zone expires, ensure that its policies are
+    removed from the RPZ summary database. [GL #1146]
+
 License
 
 BIND is open source software licensed under the terms of the Mozilla