9.11.0-P4

diff --git a/CHANGES b/CHANGES
index a7801084c102138cceffedaff1479d9ca48497c2..f34d299d89d40f6ca2b34ef852fe1efd4da5dfb4 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+       --- 9.11.0-P4 released ---
+
 4575.  [security]      DNS64 with "break-dnssec yes;" can result in an
                        assertion failure. (CVE-2017-3136) [RT #44653]
 

diff --git a/README b/README
index 39d764fcc5b75e2820193956e5326a57aa1ae871..f12f764611fd5e98fbb0338aac9ebbaf6efe81d0 100644 (file)
--- a/README
+++ b/README
@@ -51,6 +51,11 @@ BIND 9
        For up-to-date release notes and errata, see
        http://www.isc.org/software/bind9/releasenotes
 
+BIND 9.11.0-P4
+
+       This version contains a fix for CVE-2017-3136, and updates
+       the built in trusted keys for the root zone.
+
 BIND 9.11.0-P3
 
        This version contains a fix for CVE-2017-3135, and a bug fix

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 265e21e1e1f64667a204b2a5805775e561b8172f..55ef5feab3b929354d3759858216ec64bfad0784 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -15,6 +15,11 @@
     <para>
       This document summarizes changes since BIND 9.11.0:
     </para>
+    <para>
+      BIND 9.11.0-P4 addresses the security issue described in
+      CVE-2017-3136, and updates the built in trusted keys for
+      the root zone.
+    </para>
     <para>
       BIND 9.11.0-P3 addresses the security issue described in
       CVE-2017-3135, and fixes a regression introduced in a prior

diff --git a/lib/dns/api b/lib/dns/api
index dbeb6d158793b480fa5cf5e3bd381407d4cb018f..1fd2092f0da10d7239a0869ee6f532f63e4e4136 100644 (file)
--- a/lib/dns/api
+++ b/lib/dns/api
@@ -7,5 +7,5 @@
 # 9.10: 140-149
 # 9.11: 160-169
 LIBINTERFACE = 166
-LIBREVISION = 5
+LIBREVISION = 6
 LIBAGE = 0