The system tests on OpenBSD consistently exhibit lower stability
compared to our other CI platforms. Some of these challenges are
intrinsic to the system test itself and require attention. However,
there are OpenBSD issues, which seem to be more widespread on this
platform than others. In our daily CI pipelines, OpenBSD system tests
often bear the brunt of all failed CI jobs.
It's possible that our OpenBSD CI image could be optimized, but we
currently lack the domain-specific knowledge needed to make
improvements.
(cherry picked from commit 2ab292c169)
Ubuntu 18.04 LTS (Bionic Beaver) is EOL.
Move gcc:bionic:amd64-specific CFLAGS and EXTRA_CONFIGURE to
gcc:jammy:amd64.
(cherry picked from commit 6d100c4a32)
Basically all local data is considered trusted, and proper ACLs and
limits need to be explicitly configured. We are also free to let
protocol non-compliant servers burn in flames.
(cherry picked from commit fc907baa7f)
The new :cve: Sphinx role takes a CVE number as an argument and creates
a hyperlink to the relevant ISC Knowledgebase document that might have
more up-to-date or verbose information than the relevant release note.
This makes reaching ISC Knowledgebase pages directly from the release
notes easier.
Make all CVE references in the release notes use the new Sphinx role.
(cherry picked from commit 41b857e567)
Update Sphinx-related Python packages to their current versions pulled
in by "pip install sphinx-rtd-theme" run in a fresh virtual environment.
(cherry picked from commit 2f879cdec3)
Add the text "TTL-style unit suffixes or ISO 8601 duration formats",
just like we do at other places that are duration option types.
Also, in the dnssec-policy "keys" example, use a TTL-style unit too.
(cherry picked from commit b5a757c452)
We don't yet explain the syntax of TTL-style suffixes or ISO 8601
duration formats.
In 9.16 the terms are not sorted alphabetically, so I added the
duration explanation at the end of the list.
(manually picked from commit cc122d22b4)