Prepare release notes for BIND 9.18.40

diff --git a/doc/arm/notes.rst b/doc/arm/notes.rst
index 7349a8b8f06edb2559c3afa4e821ae1b4e13bbda..29ebaeb38bf160c52be95dbbd85f561dc89855f5 100644 (file)
--- a/doc/arm/notes.rst
+++ b/doc/arm/notes.rst
@@ -45,6 +45,7 @@ The list of known issues affecting the latest version in the 9.18 branch can be
 found at
 https://gitlab.isc.org/isc-projects/bind9/-/wikis/Known-Issues-in-BIND-9.18
 
+.. include:: ../notes/notes-9.18.40.rst
 .. include:: ../notes/notes-9.18.39.rst
 .. include:: ../notes/notes-9.18.38.rst
 .. include:: ../notes/notes-9.18.37.rst

diff --git a/doc/notes/notes-9.18.40.rst b/doc/notes/notes-9.18.40.rst
new file mode 100644 (file)
index 0000000..e8cd51d
--- /dev/null
+++ b/doc/notes/notes-9.18.40.rst
@@ -0,0 +1,114 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+Notes for BIND 9.18.40
+----------------------
+
+Security Fixes
+~~~~~~~~~~~~~~
+
+- [CVE-2025-8677] DNSSEC validation fails if matching but invalid DNSKEY
+  is found.
+
+  Previously, if a matching but cryptographically invalid key was
+  encountered during DNSSEC validation, the key was skipped and not
+  counted towards validation failures. :iscman:`named` now treats such
+  DNSSEC keys as hard failures and the DNSSEC validation fails
+  immediately, instead of continuing with the next DNSKEYs in the RRset.
+
+  ISC would like to thank Zuyao Xu and Xiang Li from the All-in-One
+  Security and Privacy Laboratory at Nankai University for bringing this
+  vulnerability to our attention. :gl:`#5343`
+
+- [CVE-2025-40778] Address various spoofing attacks.
+
+  Previously, several issues could be exploited to poison a DNS cache
+  with spoofed records for zones which were not DNSSEC-signed or if the
+  resolver was configured to not do DNSSEC validation. These issues were
+  assigned CVE-2025-40778 and have now been fixed.
+
+  As an additional layer of protection, :iscman:`named` no longer
+  accepts DNAME records or extraneous NS records in the AUTHORITY
+  section unless these are received via spoofing-resistant transport
+  (TCP, UDP with DNS cookies, TSIG, or SIG(0)).
+
+  ISC would like to thank Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin
+  Duan from Tsinghua University for bringing this vulnerability to our
+  attention. :gl:`#5414`
+
+- [CVE-2025-40780] Cache-poisoning due to weak pseudo-random number
+  generator.
+
+  It was discovered during research for an upcoming academic paper that
+  a xoshiro128\*\* internal state can be recovered by an external 3rd
+  party, allowing the prediction of UDP ports and DNS IDs in outgoing
+  queries. This could lead to an attacker spoofing the DNS answers with
+  great efficiency and poisoning the DNS cache.
+
+  The internal random generator has been changed to a cryptographically
+  secure pseudo-random generator.
+
+  ISC would like to thank Prof. Amit Klein and Omer Ben Simhon from
+  Hebrew University of Jerusalem for bringing this vulnerability to our
+  attention. :gl:`#5484`
+
+New Features
+~~~~~~~~~~~~
+
+- Support for parsing HHIT and BRID records has been added.
+
+  :gl:`#5444`
+
+Removed Features
+~~~~~~~~~~~~~~~~
+
+- Deprecate the "tkey-domain" statement.
+
+  Mark the :any:`tkey-domain` statement as deprecated since it is only
+  used by code implementing TKEY Mode 2 (Diffie-Hellman), which was
+  removed from newer BIND 9 branches. :gl:`#4204`
+
+- Deprecate the "tkey-gssapi-credential" statement.
+
+  The :any:`tkey-gssapi-keytab` statement allows GSS-TSIG to be set up
+  in a simpler and more reliable way than using the
+  :any:`tkey-gssapi-credential` statement and setting environment
+  variables (e.g. ``KRB5_KTNAME``). Therefore, the
+  :any:`tkey-gssapi-credential` statement has been deprecated;
+  :any:`tkey-gssapi-keytab` should be used instead.
+
+  For configurations currently using a combination of both
+  :any:`tkey-gssapi-keytab` *and* :any:`tkey-gssapi-credential`, the
+  latter should be dropped and the keytab pointed to by
+  :any:`tkey-gssapi-keytab` should now only contain the credential
+  previously specified by :any:`tkey-gssapi-credential`. :gl:`#4204`
+
+Bug Fixes
+~~~~~~~~~
+
+- Prevent spurious SERVFAILs for certain 0-TTL resource records.
+
+  Under certain circumstances, BIND 9 can return SERVFAIL when updating
+  existing entries in the cache with new NS, A, AAAA, or DS records with
+  0-TTL. :gl:`#5294`
+
+- RPZ canonical warning displays zone entry incorrectly.
+
+  When an IPv6 rpz prefix entry is entered incorrectly the log message
+  was just displaying the prefix rather than the full entry.  This has
+  been corrected. :gl:`#5491`
+
+- Missing DNSSEC information when CD bit is set in query.
+
+  The RRSIGs for glue records were not being cached correctly for CD=1
+  queries.  This has been fixed. :gl:`#5502`
+
+