9.9.9-P7

diff --git a/CHANGES b/CHANGES
index 449a24c31d0c36a3c227d4aa5fde8cf00235f293..d581a252e1ef463bdf60fa57eeeec49ce30c846a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+       --- 9.9.9-P7 released ---
+
 4575.  [security]      DNS64 with "break-dnssec yes;" can result in an
                        assertion failure. (CVE-2017-3136) [RT #44653]
 

diff --git a/README b/README
index fb0263f91eef104411c15f557c33fdc09c5e1c6c..31488ef50ddf8b6413b0ac25590e1c520282e863 100644 (file)
--- a/README
+++ b/README
@@ -51,6 +51,11 @@ BIND 9
        For up-to-date release notes and errata, see
        http://www.isc.org/software/bind9/releasenotes
 
+BIND 9.9.9-P7
+
+       This version contains a fix for CVE-2017-3136, and updates
+       the built in trusted keys for the root zone.
+
 BIND 9.9.9-P6
 
        This version contains a fix for CVE-2017-3135, and a bug fix

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index a1c6cf268efe65eed734328a267424f9c886d985..48c041b9ec192ef50c0f9ab70824e5324d42bdb1 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -23,6 +23,11 @@
     <para>
       This document summarizes changes since BIND 9.9.9:
     </para>
+    <para>
+      BIND 9.9.9-P7 addresses the security issue described in
+      CVE-2017-3136, and updates the built in trusted keys for
+      the root zone.
+    </para>
     <para>
       BIND 9.9.9-P6 addresses the security issue described in
       CVE-2017-3135, and fixes a regression introduced in a prior

diff --git a/lib/dns/api b/lib/dns/api
index 9b31d25d322eda3dfad3e0cb05cfb5248b14df77..272e0e1797951a34066cbfc3cce31829f637e0c3 100644 (file)
--- a/lib/dns/api
+++ b/lib/dns/api
@@ -7,5 +7,5 @@
 # 9.10: 140-149
 # 9.11: 160-169
 LIBINTERFACE = 172
-LIBREVISION = 5
+LIBREVISION = 6
 LIBAGE = 0