From: Michał Kępień Date: Wed, 12 Feb 2020 15:04:04 +0000 (+0100) Subject: Prepare release notes for BIND 9.16.0 X-Git-Tag: v9.16.0~1^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5eded8d66e1249708ececa3bcf5252a2c1f7901e;p=thirdparty%2Fbind9.git Prepare release notes for BIND 9.16.0 - Merge release notes from all 9.15.x releases, leaving only those which do not apply to BIND 9.14. - Add missing GitLab/RT issue identifiers. - Update "Introduction", "Note on Version Numbering", and "End of Life" sections with BIND 9.16 information. --- diff --git a/doc/arm/Makefile.in b/doc/arm/Makefile.in index 5bd7a698175..811755e2540 100644 --- a/doc/arm/Makefile.in +++ b/doc/arm/Makefile.in @@ -21,15 +21,7 @@ PDFOBJS = Bv9ARM.pdf notes.pdf NOTESXML = notes-download.xml notes-eol.xml notes-intro.xml notes-license.xml \ notes-numbering.xml notes-platforms.xml notes-thankyou.xml \ - notes-9.15.0.xml \ - notes-9.15.1.xml \ - notes-9.15.2.xml \ - notes-9.15.3.xml \ - notes-9.15.4.xml \ - notes-9.15.5.xml \ - notes-9.15.6.xml \ - notes-9.15.7.xml \ - notes-9.15.8.xml \ + notes-9.16.0.xml \ notes.xml doc man:: ${MANOBJS} ${TXTOBJS} ${PDFOBJS} diff --git a/doc/arm/notes-9.15.0.xml b/doc/arm/notes-9.15.0.xml deleted file mode 100644 index c2adb0c632b..00000000000 --- a/doc/arm/notes-9.15.0.xml +++ /dev/null @@ -1,108 +0,0 @@ - - -
Notes for BIND 9.15.0 - -
Security Fixes - - - - In certain configurations, named could crash - with an assertion failure if nxdomain-redirect - was in use and a redirected query resulted in an NXDOMAIN from the - cache. This flaw is disclosed in CVE-2019-6467. [GL #880] - - - - - The TCP client quota set using the tcp-clients - option could be exceeded in some cases. This could lead to - exhaustion of file descriptors. This flaw is disclosed in - CVE-2018-5743. [GL #615] - - - -
- -
New Features - - - - The new add-soa option specifies whether - or not the response-policy zone's SOA record - should be included in the additional section of RPZ responses. - [GL #865] - - - -
- -
Removed Features - - - - The dnssec-enable option has been obsoleted and - no longer has any effect. DNSSEC responses are always enabled - if signatures and other DNSSEC data are present. [GL #866] - - - -
- -
Feature Changes - - - - When static and managed DNSSEC keys were both configured for the - same name, or when a static key was used to - configure a trust anchor for the root zone and - dnssec-validation was set to the default - value of auto, automatic RFC 5011 key - rollovers would be disabled. This combination of settings was - never intended to work, but there was no check for it in the - parser. This has been corrected, and it is now a fatal - configuration error. [GL #868] - - - - - DS and CDS records are now generated with SHA-256 digests - only, instead of both SHA-1 and SHA-256. This affects the - default output of dnssec-dsfromkey, the - dsset files generated by - dnssec-signzone, the DS records added to - a zone by dnssec-signzone based on - keyset files, the CDS records added to - a zone by named and - dnssec-signzone based on "sync" timing - parameters in key files, and the checks performed by - dnssec-checkds. - - - -
- -
Bug Fixes - - - - The allow-update and - allow-update-forwarding options were - inadvertently treated as configuration errors when used at the - options or view level. - This has now been corrected. - [GL #913] - - - -
- -
diff --git a/doc/arm/notes-9.15.1.xml b/doc/arm/notes-9.15.1.xml deleted file mode 100644 index 7c26950f87c..00000000000 --- a/doc/arm/notes-9.15.1.xml +++ /dev/null @@ -1,87 +0,0 @@ - - -
Notes for BIND 9.15.1 - -
Security Fixes - - - - A race condition could trigger an assertion failure when - a large number of incoming packets were being rejected. - This flaw is disclosed in CVE-2019-6471. [GL #942] - - - -
- -
New Features - - - - In order to clarify the configuration of DNSSEC keys, - the trusted-keys and - managed-keys statements have been - deprecated, and the new dnssec-keys - statement should now be used for both types of key. - - - When used with the keyword initial-key, - dnssec-keys has the same behavior as - managed-keys, i.e., it configures - a trust anchor that is to be maintained via RFC 5011. - - - When used with the new keyword static-key, it - has the same behavior as trusted-keys, - configuring a permanent trust anchor that will not automatically - be updated. (This usage is not recommended for the root key.) - [GL #6] - - - -
- -
Removed Features - - - - The cleaning-interval option has been - removed. [GL !1731] - - - -
- -
Feature Changes - - - - named will now log a warning if - a static key is configured for the root zone. [GL #6] - - - - - JSON-C is now the only supported library for enabling JSON - support for BIND statistics. The configure - option has been renamed from --with-libjson - to --with-json-c. Use - PKG_CONFIG_PATH to specify a custom path to - the json-c library as the new - configure option does not take the library - installation path as an optional argument. - - - -
- -
diff --git a/doc/arm/notes-9.15.2.xml b/doc/arm/notes-9.15.2.xml deleted file mode 100644 index f03c4a26798..00000000000 --- a/doc/arm/notes-9.15.2.xml +++ /dev/null @@ -1,93 +0,0 @@ - - -
Notes for BIND 9.15.2 - -
New Features - - - - The GeoIP2 API from MaxMind is now supported. Geolocation support - will be compiled in by default if the libmaxminddb - library is found at compile time, but can be turned off by using - configure --disable-geoip. - - - The default path to the GeoIP2 databases will be set based - on the location of the libmaxminddb library; - for example, if it is in /usr/local/lib, - then the default path will be - /usr/local/share/GeoIP. - This value can be overridden in named.conf - using the geoip-directory option. - - - Some geoip ACL settings that were available with - legacy GeoIP, including searches for netspeed, - org, and three-letter ISO country codes, will - no longer work when using GeoIP2. Supported GeoIP2 database - types are country, city, - domain, isp, and - as. All of these databases support both IPv4 - and IPv6 lookups. [GL #182] [GL #1112] - - - - - Two new metrics have been added to the - statistics-channel to report DNSSEC - signing operations. For each key in each zone, the - dnssec-sign counter indicates the total - number of signatures named has generated - using that key since server startup, and the - dnssec-refresh counter indicates how - many of those signatures were refreshed during zone - maintenance, as opposed to having been generated - as a result of a zone update. [GL #513] - - - -
- -
Bug Fixes - - - - When qname-minimization was set to - relaxed, some improperly configured domains - would fail to resolve, but would have succeeded when minimization - was disabled. named will now fall back to normal - resolution in such cases, and also uses type A rather than NS for - minimal queries in order to reduce the likelihood of encountering - the problem. [GL #1055] - - - - - ./configure no longer sets - --sysconfdir to /etc or - --localstatedir to /var - when --prefix is not specified and the - aforementioned options are not specified explicitly. Instead, - Autoconf's defaults of $prefix/etc and - $prefix/var are respected. - - - - - Glue address records were not being returned in responses - to root priming queries; this has been corrected. [GL #1092] - - - -
- -
diff --git a/doc/arm/notes-9.15.3.xml b/doc/arm/notes-9.15.3.xml deleted file mode 100644 index 2a674ea72ad..00000000000 --- a/doc/arm/notes-9.15.3.xml +++ /dev/null @@ -1,125 +0,0 @@ - - -
Notes for BIND 9.15.3 - -
New Features - - - - Statistics channel groups are now toggleable. [GL #1030] - - - -
- -
Removed Features - - - - DNSSEC Lookaside Validation (DLV) is now obsolete. - The dnssec-lookaside option has been - marked as deprecated; when used in named.conf, - it will generate a warning but will otherwise be ignored. - All code enabling the use of lookaside validation has been removed - from the validator, delv, and the DNSSEC tools. - [GL #7] - - - -
- -
Feature Changes - - - - A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and - made default. Old non-default HMAC-SHA based DNS Cookie algorithms - have been removed, and only the default AES algorithm is being kept - for legacy reasons. This change doesn't have any operational impact - in most common scenarios. [GL #605] - - - If you are running multiple DNS Servers (different versions of BIND 9 - or DNS server from multiple vendors) responding from the same IP - address (anycast or load-balancing scenarios), you'll have to make - sure that all the servers are configured with the same DNS Cookie - algorithm and same Server Secret for the best performance. - - - - - The information from the dnssec-signzone and - dnssec-verify commands is now printed to standard - output. The standard error output is only used to print warnings and - errors, and in case the user requests the signed zone to be printed to - standard output with -f - option. A new - configuration option -q has been added to silence - all output on standard output except for the name of the signed zone. - - - - - DS records included in DNS referral messages can now be validated - and cached immediately, reducing the number of queries needed for - a DNSSEC validation. [GL #964] - - - -
- -
Bug Fixes - - - - Cache database statistics counters could report invalid values - when stale answers were enabled, because of a bug in counter - maintenance when cache data becomes stale. The statistics counters - have been corrected to report the number of RRsets for each - RR type that are active, stale but still potentially served, - or stale and marked for deletion. [GL #602] - - - - - Interaction between DNS64 and RPZ No Data rule (CNAME *.) could - cause unexpected results; this has been fixed. [GL #1106] - - - - - named-checkconf now checks DNS64 prefixes - to ensure bits 64-71 are zero. [GL #1159] - - - - - named-checkconf now correctly reports a missing - dnstap-output option when - dnstap is set. [GL #1136] - - - - - Handle ETIMEDOUT error on connect() with a non-blocking - socket. [GL #1133] - - - - - dig now correctly expands the IPv6 address - when run with +expandaaaa +short. [GL #1152] - - - -
- -
diff --git a/doc/arm/notes-9.15.4.xml b/doc/arm/notes-9.15.4.xml deleted file mode 100644 index bd280a119db..00000000000 --- a/doc/arm/notes-9.15.4.xml +++ /dev/null @@ -1,47 +0,0 @@ - - -
Notes for BIND 9.15.4 - -
New Features - - - - Added a new command line option to dig: - +[no]unexpected. By default, dig - won't accept a reply from a source other than the one to which - it sent the query. Add the +unexpected argument - to enable it to process replies from unexpected sources. - - - - - dig, mdig and - delv can all now take a +yaml - option to print output in a a detailed YAML format. [RT #1145] - - - -
- -
Bug Fixes - - - - When a response-policy zone expires, ensure - that its policies are removed from the RPZ summary database. - [GL #1146] - - - -
- -
diff --git a/doc/arm/notes-9.15.5.xml b/doc/arm/notes-9.15.5.xml deleted file mode 100644 index 06a76878a3a..00000000000 --- a/doc/arm/notes-9.15.5.xml +++ /dev/null @@ -1,34 +0,0 @@ - - -
Notes for BIND 9.15.5 - -
Security Fixes - - - - named could crash with an assertion failure - if a forwarder returned a referral, rather than resolving the - query, when QNAME minimization was enabled. This flaw is - disclosed in CVE-2019-6476. [GL #1051] - - - - - A flaw in DNSSEC verification when transferring mirror zones - could allow data to be incorrectly marked valid. This flaw - is disclosed in CVE-2019-6475. [GL #1252] - - - -
- -
diff --git a/doc/arm/notes-9.15.6.xml b/doc/arm/notes-9.15.6.xml deleted file mode 100644 index b1b0952116d..00000000000 --- a/doc/arm/notes-9.15.6.xml +++ /dev/null @@ -1,97 +0,0 @@ - - -
Notes for BIND 9.15.6 - -
Security Fixes - - - - Set a limit on the number of concurrently served pipelined TCP - queries. This flaw is disclosed in CVE-2019-6477. [GL #1264] - - - -
- -
New Features - - - - A new asynchronous network communications system based on - libuv is now used by named - for listening for incoming requests and responding to them. - This change will make it easier to improve performance and - implement new protocol layers (for example, DNS over TLS) in - the future. [GL #29] - - - - - The new dnssec-policy option allows the - configuration key and signing policy (KASP) for zones. This - option enables named to generate new keys - as needed and automatically roll both ZSK and KSK keys. - (Note that the syntax for this statement differs from the DNSSEC - policy used by dnssec-keymgr.) [GL #1134] - - - - - Two new keywords have been added to the - dnssec-keys statement: - initial-ds and static-ds. - These allow the use of trust anchors in DS format instead of - DNSKEY format. DS format allows trust anchors to be configured - for keys that have not yet been published; this is the format - used by IANA when announcing future root keys. - - - As with the initial-key and - static-key keywords, initial-ds - configures a dynamic trust anchor to be maintained via RFC 5011, and - static-ds configures a permanent trust anchor. - - - (Note: Currently, DNSKEY-format and DS-format trust anchors - cannot both be used for the same domain name.) [GL #6] [GL #622] - - - - - Added a new statistics variable tcp-highwater - that reports the maximum number of simultaneous TCP clients BIND - has handled while running. [GL #1206] - - - -
- -
Feature Changes - - - - NSEC Aggressive Cache (synth-from-dnssec) has been disabled by default - because it was found to have a significant performance impact on the - recursive service. The NSEC Aggressive Cache will be enable by default - in the future releases. [GL #1265] - - - - - The DNSSEC validation code has been refactored for clarity and to - reduce code duplication. [GL #622] - - - -
- -
diff --git a/doc/arm/notes-9.15.7.xml b/doc/arm/notes-9.15.7.xml deleted file mode 100644 index 90cac2399e1..00000000000 --- a/doc/arm/notes-9.15.7.xml +++ /dev/null @@ -1,57 +0,0 @@ - - -
Notes for BIND 9.15.7 - -
Feature Changes - - - - The dnssec-keys configuration statement, - which was introduced in 9.15.1 and revised in 9.15.6, has now - been renamed to the more descriptive - trust-anchors. [GL !2702] - - - (See release notes for - - and - - for prior discussion of this feature.) - - - - - Added support for multithreaded listening for TCP connections - in the network manager. [GL !2659] - - - -
- -
Bug Fixes - - - - Fixed a bug that caused named to leak memory - on reconfiguration when any GeoIP2 database was in use. [GL #1445] - - - - - Fixed several possible race conditions discovered by - ThreadSanitizer. - - - -
- -
diff --git a/doc/arm/notes-9.15.8.xml b/doc/arm/notes-9.15.8.xml deleted file mode 100644 index a04883be03f..00000000000 --- a/doc/arm/notes-9.15.8.xml +++ /dev/null @@ -1,49 +0,0 @@ - - -
Notes for BIND 9.15.8 - -
Feature Changes - - - - The trust-anchors statement no longer rejects - a mix of both key-style and DS-style trust anchor entries for the - same name. [GL #1237] - - - -
- -
Bug Fixes - - - - Fixed an intermittent crash in the validator that could occur - when validating negative answers from the cache. [GL #1561] - - - - - Fixed a bug that could cause named to crash on - machines with more than 40 CPUs. [GL #1493] - - - - - Socket-related statistics counters were not being updated by - network manager sockets, but are now fully functional. [GL #1311] - - - -
- -
diff --git a/doc/arm/notes-9.16.0.xml b/doc/arm/notes-9.16.0.xml new file mode 100644 index 00000000000..849ef61c194 --- /dev/null +++ b/doc/arm/notes-9.16.0.xml @@ -0,0 +1,249 @@ + + +
Notes for BIND 9.16.0 + + + Note: this section only lists changes from BIND 9.14 (the + previous stable branch of BIND). + + +
New Features + + + + A new asynchronous network communications system based on + libuv is now used by named + for listening for incoming requests and responding to them. + This change will make it easier to improve performance and + implement new protocol layers (for example, DNS over TLS) in + the future. [GL #29] + + + + + The new dnssec-policy option allows the + configuration of a key and signing policy (KASP) for zones. This + option enables named to generate new keys + as needed and automatically roll both ZSK and KSK keys. + (Note that the syntax for this statement differs from the DNSSEC + policy used by dnssec-keymgr.) [GL #1134] + + + + + In order to clarify the configuration of DNSSEC keys, + the trusted-keys and + managed-keys statements have been + deprecated, and the new trust-anchors + statement should now be used for both types of key. + + + When used with the keyword initial-key, + trust-anchors has the same behavior as + managed-keys, i.e., it configures + a trust anchor that is to be maintained via RFC 5011. + + + When used with the new keyword static-key, + trust-anchors has the same behavior as + trusted-keys, i.e., it configures a permanent + trust anchor that will not automatically be updated. (This usage + is not recommended for the root key.) [GL #6] + + + + + Two new keywords have been added to the + trust-anchors statement: + initial-ds and static-ds. + These allow the use of trust anchors in DS format instead of + DNSKEY format. DS format allows trust anchors to be configured + for keys that have not yet been published; this is the format + used by IANA when announcing future root keys. + + + As with the initial-key and + static-key keywords, initial-ds + configures a dynamic trust anchor to be maintained via RFC 5011, and + static-ds configures a permanent trust anchor. + [GL #6] [GL #622] + + + + + dig, mdig and + delv can all now take a +yaml + option to print output in a detailed YAML format. [GL #1145] + + + + + dig now has a new command line option: + +[no]unexpected. By default, dig + won't accept a reply from a source other than the one to which + it sent the query. Add the +unexpected argument + to enable it to process replies from unexpected sources. [RT #44978] + + + + + dig now accepts a new command line option, + +[no]expandaaaa, which causes the IPv6 + addresses in AAAA records to be printed in full 128-bit + notation rather than the default RFC 5952 format. [GL #765] + + + + + Statistics channel groups can now be toggled. [GL #1030] + + + +
+ +
Feature Changes + + + + When static and managed DNSSEC keys were both configured for the + same name, or when a static key was used to + configure a trust anchor for the root zone and + dnssec-validation was set to the default + value of auto, automatic RFC 5011 key + rollovers would be disabled. This combination of settings was + never intended to work, but there was no check for it in the + parser. This has been corrected, and it is now a fatal + configuration error. [GL #868] + + + + + DS and CDS records are now generated with SHA-256 digests + only, instead of both SHA-1 and SHA-256. This affects the + default output of dnssec-dsfromkey, the + dsset files generated by + dnssec-signzone, the DS records added to + a zone by dnssec-signzone based on + keyset files, the CDS records added to + a zone by named and + dnssec-signzone based on "sync" timing + parameters in key files, and the checks performed by + dnssec-checkds. [GL #1015] + + + + + named will now log a warning if + a static key is configured for the root zone. [GL #6] + + + + + A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and + made default. Old non-default HMAC-SHA based DNS Cookie algorithms + have been removed, and only the default AES algorithm is being kept + for legacy reasons. This change has no operational impact in most + common scenarios. [GL #605] + + + If you are running multiple DNS servers (different versions of BIND 9 + or DNS servers from multiple vendors) responding from the same IP + address (anycast or load-balancing scenarios), make sure that all the + servers are configured with the same DNS Cookie algorithm and same + Server Secret for the best performance. + + + + + The information from the dnssec-signzone and + dnssec-verify commands is now printed to standard + output. The standard error output is only used to print warnings and + errors, and in case the user requests the signed zone to be printed to + standard output with the -f - option. A new + configuration option -q has been added to silence + all output on standard output except for the name of the signed zone. + [GL #1151] + + + + + The DNSSEC validation code has been refactored for clarity and to + reduce code duplication. [GL #622] + + + + + Compile-time settings enabled by the + --with-tuning=large option for + configure are now in effect by default. + Previously used default compile-time settings can be enabled + by passing --with-tuning=small to + configure. [GL !2989] + + + + + JSON-C is now the only supported library for enabling JSON + support for BIND statistics. The configure + option has been renamed from --with-libjson + to --with-json-c. Set the + PKG_CONFIG_PATH environment variable + accordingly to specify a custom path to the + json-c library, as the new + configure option does not take the library + installation path as an optional argument. [GL #855] + + + + + ./configure no longer sets + --sysconfdir to /etc or + --localstatedir to /var + when --prefix is not specified and the + aforementioned options are not specified explicitly. Instead, + Autoconf's defaults of $prefix/etc and + $prefix/var are respected. [GL #658] + + + +
+ +
Removed Features + + + + The dnssec-enable option has been obsoleted and + no longer has any effect. DNSSEC responses are always enabled + if signatures and other DNSSEC data are present. [GL #866] + + + + + DNSSEC Lookaside Validation (DLV) is now obsolete. + The dnssec-lookaside option has been + marked as deprecated; when used in named.conf, + it will generate a warning but will otherwise be ignored. + All code enabling the use of lookaside validation has been removed + from the validator, delv, and the DNSSEC tools. + [GL #7] + + + + + The cleaning-interval option has been + removed. [GL !1731] + + + +
+ +
diff --git a/doc/arm/notes-eol.xml b/doc/arm/notes-eol.xml index ecaf4f00a16..5cc68f59da6 100644 --- a/doc/arm/notes-eol.xml +++ b/doc/arm/notes-eol.xml @@ -11,15 +11,13 @@
End of Life - BIND 9.15 is an unstable development branch. When its development - is complete, it will be renamed to BIND 9.16, which will be a - stable branch. + The end of life date for BIND 9.16 has not yet been determined. + At some point in the future BIND 9.16 will be designated as an + Extended Support Version (ESV). Until then, the current ESV is + BIND 9.11, which will be supported until at least December 2021. - The end of life date for BIND 9.16 has not yet been determined. - For those needing long term support, the current Extended Support - Version (ESV) is BIND 9.11, which will be supported until at - least December 2021. See + See https://kb.isc.org/docs/aa-00896 for details of ISC's software support policy. diff --git a/doc/arm/notes-intro.xml b/doc/arm/notes-intro.xml index c54c9539e99..24bfe103f0b 100644 --- a/doc/arm/notes-intro.xml +++ b/doc/arm/notes-intro.xml @@ -11,10 +11,12 @@
Introduction - BIND 9.15 is an unstable development release of BIND. - This document summarizes new features and functional changes that - have been introduced on this branch. With each development release - leading up to the stable BIND 9.16 release, this document will be - updated with additional features added and bugs fixed. + BIND 9.16 is a stable branch of BIND. + This document summarizes significant changes since the last + production release on that branch. + + + Please see the file CHANGES for a more + detailed list of changes and bug fixes.
diff --git a/doc/arm/notes-license.xml b/doc/arm/notes-license.xml index 361dd70ac5b..d11396175e6 100644 --- a/doc/arm/notes-license.xml +++ b/doc/arm/notes-license.xml @@ -11,7 +11,7 @@
License - BIND is open source software licensed under the terms of the Mozilla + BIND 9 is open source software licensed under the terms of the Mozilla Public License, version 2.0 (see the LICENSE file for the full text). @@ -28,7 +28,7 @@ Those wishing to discuss license compliance may contact ISC at - https://www.isc.org/mission/contact/. + xlink:href="https://www.isc.org/contact/"> + https://www.isc.org/contact/.
diff --git a/doc/arm/notes-numbering.xml b/doc/arm/notes-numbering.xml index 545e07c201e..d91e9beec1f 100644 --- a/doc/arm/notes-numbering.xml +++ b/doc/arm/notes-numbering.xml @@ -11,20 +11,10 @@
Note on Version Numbering - Until BIND 9.12, new feature development releases were tagged - as "alpha" and "beta", leading up to the first stable release - for a given development branch, which always ended in ".0". - More recently, BIND adopted the "odd-unstable/even-stable" - release numbering convention. There will be no "alpha" or "beta" - releases in the 9.15 branch, only increasing version numbers. - So, for example, what would previously have been called 9.15.0a1, - 9.15.0a2, 9.15.0b1, and so on, will instead be called 9.15.0, - 9.15.1, 9.15.2, etc. - - - The first stable release from this development branch will be - renamed as 9.16.0. Thereafter, maintenance releases will continue - on the 9.16 branch, while unstable feature development proceeds in - 9.17. + As of BIND 9.13/9.14, BIND has adopted the "odd-unstable/even-stable" + release numbering convention. BIND 9.16 contains new features added + during the BIND 9.15 development process. Henceforth, the 9.16 branch + will be limited to bug fixes and new feature development will proceed + in the unstable 9.17 branch.
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml index 07a8390421b..941e777522f 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml @@ -24,15 +24,7 @@ - - - - - - - - - + diff --git a/util/copyrights b/util/copyrights index 9a22dcca7c5..363b84daac2 100644 --- a/util/copyrights +++ b/util/copyrights @@ -1466,15 +1466,7 @@ ./doc/arm/master.zoneopt.xml SGML 2018,2019,2020 ./doc/arm/masters.grammar.xml SGML 2018,2019,2020 ./doc/arm/mirror.zoneopt.xml SGML 2018,2019,2020 -./doc/arm/notes-9.15.0.xml SGML 2019,2020 -./doc/arm/notes-9.15.1.xml SGML 2019,2020 -./doc/arm/notes-9.15.2.xml SGML 2019,2020 -./doc/arm/notes-9.15.3.xml SGML 2019,2020 -./doc/arm/notes-9.15.4.xml SGML 2019,2020 -./doc/arm/notes-9.15.5.xml SGML 2019,2020 -./doc/arm/notes-9.15.6.xml SGML 2019,2020 -./doc/arm/notes-9.15.7.xml SGML 2019,2020 -./doc/arm/notes-9.15.8.xml SGML 2020 +./doc/arm/notes-9.16.0.xml SGML 2020 ./doc/arm/notes-download.xml SGML 2019,2020 ./doc/arm/notes-eol.xml SGML 2019,2020 ./doc/arm/notes-intro.xml SGML 2019,2020