Add CHANGES and release note for [GL #3071]

(cherry picked from commit ff8d37cbdb020e696c6b396e3342c786ada6d81d)

diff --git a/CHANGES b/CHANGES
index 69e5a5e6804f5f5123bdbd11c19fe5a16a9faaba..5af935ba707dca112183642eae7441bbe9a0823d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,12 @@
 5787.  [doc]           Update 'auto-dnssec' documentation, it may only be
                        activated at zone level. [GL #3023]
 
+5786.  [bug]           Defer detaching from zone->raw in zone_shutdown() if
+                       the zone is in the process of being dumped to disk, to
+                       ensure that the unsigned serial number information is
+                       always written in the raw-format header of the signed
+                       version on an inline-signed zone. [GL #3071]
+
 5785.  [bug]           named could leak memory when two dnssec-policy clauses
                        had the same name. named failed to log this error.
                        [GL #3085]

diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 469bf2a3dd5d0d9d1bbb3878282911ecc81cc85c..29a338ed8a9678fe42b330ac74797d9e55068a1e 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -49,3 +49,9 @@ Bug Fixes
   to out-of-memory problem in a long run. This has been fixed. :gl:`#3051`
 
 - Overall memory use by ``named`` was optimized and reduced.  :gl:`#2398`
+
+- Under certain circumstances, the signed version of an inline-signed
+  zone could be dumped to disk without the serial number of the unsigned
+  version of the zone, preventing resynchronization of zone contents
+  after ``named`` restart in case the unsigned zone file gets modified
+  while ``named`` is not running. This has been fixed. :gl:`#3071`