Update BIND version to 9.17.6

Prepare release notes for BIND 9.17.6

See merge request isc-private/bind9!214

CHANGES

@@ -1,10 +1,12 @@
-5516.	[func]		The default EDNS buffer size has been changed from 4096
-			to 1232, the EDNS buffer size probing has been removed
-			and ``named`` now sets the DON'T FRAGMENT flag on
-			outgoing UDP packets. [GL #2183]
+	--- 9.17.6 released ---
 
-5515.	[func]		Add 'rndc dnssec -rollover' command to trigger a
-			manual rollover for a specific key. [GL #1749]
+5516.	[func]		The default EDNS buffer size has been changed from 4096
+			to 1232 bytes, the EDNS buffer size probing has been
+			removed, and named now sets the DF (Don't Fragment) flag
+			on outgoing UDP packets. [GL #2183]
+
+5515.	[func]		Add 'rndc dnssec -rollover' command to trigger a manual
+			rollover for a specific key. [GL #1749]
 
 5514.	[bug]		Fix KASP expected key size for Ed25519 and Ed448.
 			[GL #2171]
@@ -21,7 +23,7 @@
 			microsecond. [GL #2190]
 
 5510.	[bug]		Implement the attach/detach semantics for dns_message_t
-			to fix a data race in accessing already destroyed
+			to fix a data race in accessing an already-destroyed
 			fctx->rmessage. [GL #2124]
 
 5509.	[bug]		filter-aaaa: named crashed upon shutdown if it was in

bin/rndc/rndc.rst

@@ -161,10 +161,7 @@ Currently supported commands are:
 
    See also ``rndc addzone`` and ``rndc modzone``.
 
-``dnssec`` ( **-status** |
-             **-rollover** **-key** id [**-alg** *algorithm*] [**-when** *time*] |
-             **-checkds** [**-key** *id* [**-alg** *algorithm*]] [**-when** *time*] ( *published* | *withdrawn* )
-           ) *zone* [*class* [*view*]]
+``dnssec`` ( **-status** | **-rollover** **-key** id [**-alg** *algorithm*] [**-when** *time*] | **-checkds** [**-key** *id* [**-alg** *algorithm*]] [**-when** *time*] ( *published* | *withdrawn* )) *zone* [*class* [*view*]]
    This command allows you to interact with the "dnssec-policy" of a given
    zone.
 

configure.ac

@@ -14,7 +14,7 @@
 #
 m4_define([bind_VERSION_MAJOR], 9)dnl
 m4_define([bind_VERSION_MINOR], 17)dnl
-m4_define([bind_VERSION_PATCH], 5)dnl
+m4_define([bind_VERSION_PATCH], 6)dnl
 m4_define([bind_VERSION_EXTRA], )dnl
 m4_define([bind_DESCRIPTION], [(Development Release)])dnl
 m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl

doc/arm/notes.rst

@@ -52,7 +52,7 @@ https://www.isc.org/download/. There you will find additional
 information about each release, source code, and pre-compiled versions
 for Microsoft Windows operating systems.
 
-.. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.17.6.rst
 .. include:: ../notes/notes-9.17.5.rst
 .. include:: ../notes/notes-9.17.4.rst
 .. include:: ../notes/notes-9.17.3.rst

doc/arm/reference.rst

@@ -3170,7 +3170,7 @@ specify RRset ordering for a name and all of its subdomains, two
 separate rules must be defined: one for ``<domain_name>`` and one for
 ``*.<domain_name>``.
 
-The legal values for ``ordering`` are:
+The legal values for ``<ordering>`` are:
 
 ``fixed``
     Records are returned in the order they are defined in the zone file.

doc/man/rndc.8in

@@ -161,20 +161,7 @@ recreated. To remove it permanently, it must also be removed from
 .sp
 See also \fBrndc addzone\fP and \fBrndc modzone\fP\&.
 .TP
-\fBdnssec\fP ( \fB\-status\fP |
-.INDENT 7.0
-.INDENT 3.5
-.INDENT 0.0
-.INDENT 3.5
-\fB\-rollover\fP \fB\-key\fP id [\fB\-alg\fP \fIalgorithm\fP] [\fB\-when\fP \fItime\fP] |
-\fB\-checkds\fP [\fB\-key\fP \fIid\fP [\fB\-alg\fP \fIalgorithm\fP]] [\fB\-when\fP \fItime\fP] ( \fIpublished\fP | \fIwithdrawn\fP )
-.UNINDENT
-.UNINDENT
-.sp
-) \fIzone\fP [\fIclass\fP [\fIview\fP]]
-.UNINDENT
-.UNINDENT
-.sp
+\fBdnssec\fP ( \fB\-status\fP | \fB\-rollover\fP \fB\-key\fP id [\fB\-alg\fP \fIalgorithm\fP] [\fB\-when\fP \fItime\fP] | \fB\-checkds\fP [\fB\-key\fP \fIid\fP [\fB\-alg\fP \fIalgorithm\fP]] [\fB\-when\fP \fItime\fP] ( \fIpublished\fP | \fIwithdrawn\fP )) \fIzone\fP [\fIclass\fP [\fIview\fP]]
 This command allows you to interact with the "dnssec\-policy" of a given
 zone.
 .sp

doc/notes/notes-9.17.6.rst

@@ -0,0 +1,64 @@
+.. 
+   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+   
+   This Source Code Form is subject to the terms of the Mozilla Public
+   License, v. 2.0. If a copy of the MPL was not distributed with this
+   file, you can obtain one at https://mozilla.org/MPL/2.0/.
+   
+   See the COPYRIGHT file distributed with this work for additional
+   information regarding copyright ownership.
+
+Notes for BIND 9.17.6
+---------------------
+
+New Features
+~~~~~~~~~~~~
+
+- Add a new ``rndc`` command, ``rndc dnssec -rollover``, which triggers
+  a manual rollover for a specific key. [GL #1749]
+
+- Add a new ``rndc`` command, ``rndc dumpdb -expired``, which dumps the
+  cache database, including expired RRsets that are awaiting cleanup, to
+  the ``dump-file`` for diagnostic purposes. [GL #1870]
+
+Removed Features
+~~~~~~~~~~~~~~~~
+
+- The ``glue-cache`` *option* has been marked as deprecated. The glue
+  cache *feature* still works and will be permanently *enabled* in a
+  future release. [GL #2146]
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- DNS Flag Day 2020: The default EDNS buffer size has been changed from
+  4096 to 1232 bytes, the EDNS buffer size probing has been removed, and
+  ``named`` now sets the DF (Don't Fragment) flag on outgoing UDP
+  packets. According to measurements done by multiple parties, this
+  should not cause any operational problems as most of the Internet
+  "core" is able to cope with IP message sizes between 1400-1500 bytes;
+  the 1232 size was picked as a conservative minimal number that could
+  be changed by the DNS operator to an estimated path MTU minus the
+  estimated header space. In practice, the smallest MTU witnessed in the
+  operational DNS community is 1500 octets, the maximum Ethernet payload
+  size, so a useful default for maximum DNS/UDP payload size on reliable
+  networks would be 1400 bytes. [GL #2183]
+
+Bug Fixes
+~~~~~~~~~
+
+- ``named`` reported an invalid memory size when running in an
+  environment that did not properly report the number of available
+  memory pages and/or the size of each memory page. [GL #2166]
+
+- With multiple forwarders configured, ``named`` could fail the
+  ``REQUIRE(msg->state == (-1))`` assertion in ``lib/dns/message.c``,
+  causing it to crash. This has been fixed. [GL #2124]
+
+- ``named`` erroneously performed continuous key rollovers for KASP
+  policies that used algorithm Ed25519 or Ed448 due to a mismatch
+  between created key size and expected key size. [GL #2171]
+
+- Updating contents of an RPZ zone which contained names spelled using
+  varying letter case could cause some processing rules in that RPZ zone
+  to be erroneously ignored. [GL #2169]

doc/notes/notes-current.rst

@@ -1,71 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, you can obtain one at https://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-Notes for BIND 9.17.6
----------------------
-
-Security Fixes
-~~~~~~~~~~~~~~
-
-- None.
-
-Known Issues
-~~~~~~~~~~~~
-
-- None.
-
-New Features
-~~~~~~~~~~~~
-
-- Add a new ``rndc`` command, ``rndc dnssec -rollover``, which triggers
-  a manual rollover for a specific key. [GL #1749]
-
-- New ``rndc`` command ``rndc dumpdb -expired`` that dumps the cache database
-  to the dump-file including expired RRsets that are awaiting cleanup, for
-  diagnostic purposes. [GL #1870]
-
-Removed Features
-~~~~~~~~~~~~~~~~
-
-- None.
-
-
-Feature Changes
-~~~~~~~~~~~~~~~
-
-- [DNS Flag Day 2020]: The default EDNS buffer size has been changed from 4096
-  to 1232, the EDNS buffer size probing has been removed and ``named`` now sets
-  the DON'T FRAGMENT flag on outgoing UDP packets.  According to the
-  measurements done by multiple parties this should not be causing any
-  operational problems as most of the Internet "core" is able to cope with IP
-  message sizes between 1400-1500 bytes, the 1232 size was picked as a
-  conservative minimal number that could be changed by the DNS operator to a
-  estimated path MTU minus the estimated header space. In practice, the smallest
-  MTU witnessed in the operational DNS community is 1500 octets, the Ethernet
-  maximum payload size, so a a useful default for maximum DNS/UDP payload size
-  on reliable networks would be 1400. [GL #2183]
-
-Bug Fixes
-~~~~~~~~~
-
-- Updating contents of an RPZ zone which contained names spelled using
-  varying letter case could cause some processing rules in that RPZ zone
-  to be erroneously ignored. [GL #2169]
-
-- `named` would report invalid memory size when running in an environment
-  that doesn't properly report number of available memory pages or pagesize.
-  [GL #2166]
-
-- `named` would exit with assertion failure REQUIRE(msg->state == (-1)) in
-  message.c due to a possible data race. [GL #2124]
-
-- `named` would start continous rollovers for policies that algorithms
-  Ed25519 or Ed448 due to a mismatch in created key size and expected key size.
-  [GL #2171]

lib/dns/api

@@ -11,6 +11,6 @@
 # 9.13/9.14: 1300-1499
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
-LIBINTERFACE = 1705
+LIBINTERFACE = 1706
 LIBREVISION = 0
 LIBAGE = 0

lib/isc/api

@@ -11,6 +11,6 @@
 # 9.13/9.14: 1300-1499
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
-LIBINTERFACE = 1704
-LIBREVISION = 1
+LIBINTERFACE = 1705
+LIBREVISION = 0
 LIBAGE = 0

lib/isccc/api

@@ -12,5 +12,5 @@
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
 LIBINTERFACE = 1702
-LIBREVISION = 0
+LIBREVISION = 1
 LIBAGE = 0

lib/isccfg/api

@@ -12,5 +12,5 @@
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
 LIBINTERFACE = 1702
-LIBREVISION = 0
+LIBREVISION = 1
 LIBAGE = 0

lib/ns/api

@@ -11,6 +11,6 @@
 # 9.13/9.14: 1300-1499
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
-LIBINTERFACE = 1703
-LIBREVISION = 1
+LIBINTERFACE = 1704
+LIBREVISION = 0
 LIBAGE = 0

util/copyrights

@@ -1240,7 +1240,7 @@
 ./doc/notes/notes-9.17.3.rst			RST	2020
 ./doc/notes/notes-9.17.4.rst			RST	2020
 ./doc/notes/notes-9.17.5.rst			RST	2020
-./doc/notes/notes-current.rst			RST	2020
+./doc/notes/notes-9.17.6.rst			RST	2020
 ./docutil/HTML_COPYRIGHT			X	2001,2004,2016,2018,2019,2020
 ./docutil/MAN_COPYRIGHT				X	2001,2004,2016,2018,2019,2020
 ./docutil/patch-db2latex-duplicate-template-bug	X	2007,2018,2019,2020