<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="noteversion.xml"/>
<section xml:id="relnotes_intro"><info><title>Introduction</title></info>
<para>
- BIND 9.12.0 is a new feature release of BIND, still under development.
- This document summarizes new features and functional changes that
- have been introduced on this branch. With each development
- release leading up to the final BIND 9.12.0 release, this document
- will be updated with additional features added and bugs fixed.
+ BIND 9.12.0 is a new feature release of BIND. This document
+ summarizes new features and functional changes that have been
+ introduced on this branch, as well as features that have been
+ deprecated or removed.
</para>
</section>
</para>
</section>
- <section xml:id="relnotes_license"><info><title>License Change</title></info>
- <para>
- With the release of BIND 9.11.0, ISC changed to the open
- source license for BIND from the ISC license to the Mozilla
- Public License (MPL 2.0).
- </para>
- <para>
- The MPL-2.0 license requires that if you make changes to
- licensed software (e.g. BIND) and distribute them outside
- your organization, that you publish those changes under that
- same license. It does not require that you publish or disclose
- anything other than the changes you made to our software.
- </para>
- <para>
- This requirement will not affect anyone who is using BIND, with
- or without modifications, without redistributing it, nor anyone
- redistributing it without changes. Therefore, this change will be
- without consequence for most individuals and organizations who are
- using BIND.
- </para>
- <para>
- Those unsure whether or not the license change affects their
- use of BIND, or who wish to discuss how to comply with the
- license may contact ISC at <link
- xmlns:xlink="http://www.w3.org/1999/xlink"
- xlink:href="https://www.isc.org/mission/contact/">
- https://www.isc.org/mission/contact/</link>.
- </para>
- </section>
-
- <section xml:id="win_support"><info><title>Legacy Windows No Longer Supported</title></info>
- <para>
- As of BIND 9.11.2, Windows XP and Windows 2003 are no longer supported
- platforms for BIND; "XP" binaries are no longer available for download
- from ISC.
- </para>
- </section>
-
- <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
- <itemizedlist>
- <listitem>
- <para>
- None.
- </para>
- </listitem>
- </itemizedlist>
- </section>
-
<section xml:id="relnotes_features"><info><title>New Features</title></info>
<itemizedlist>
<listitem>
<para>
This will reduce query loads on authoritative servers for signed
domains: when existing cached records can be used by the resolver
- to determine that a name does not exist in the authorittive domain,
+ to determine that a name does not exist in the authoritative domain,
no query needs to be sent. Reducing the number of iterative queries
should also improve resolver performance.
</para>
with other DNS implementations such as Unbound.
</para>
<para>
- This feature is avaiable if BIND is built with
+ This feature is available if BIND is built with
<command>configure --enable-dnsrps</command>, if a DNSRPS
provider is installed, and if <command>dnsrps-enable</command>
is set to "yes" in <filename>named.conf</filename>. Standard
built-in RPZ is used otherwise.
</para>
<para>
- Thanks to Vernon Schryver and Farsight Security for the
- contribution. [RT #43376]
+ Thanks to Farsight Security for the contribution. [RT #43376]
</para>
</listitem>
<listitem>
called "-redirect", use a trailing dot: "-redirect."
</para>
<para>
- Note: This change does not appply to the
+ Note: This change does not apply to the
<command>rndc addzone</command> or
<command>rndc modzone</command> commands.
</para>
<section xml:id="relnotes_removed"><info><title>Removed Features</title></info>
<itemizedlist>
+ <listitem>
+ <para>
+ As noted above, the <command>acache-enable</command>,
+ <command>acache-cleaning-interval</command>,
+ <command>additional-from-cache</command> and
+ <command>additional-from-auth</command> options are no longer
+ effective and <command>named</command> will log a warning if
+ they are set.
+ </para>
+ </listitem>
<listitem>
<para>
The ISC DNSSEC Lookaside Validation (DLV) service has
</listitem>
<listitem>
<para>
- As noted above, the <command>acache-enable</command>,
- <command>acache-cleaning-interval</command>,
- <command>additional-from-cache</command> and
- <command>additional-from-auth</command> options are no longer
- effective and <command>named</command> will log a warning if
- they are set.
+ The lightweight resolver daemon and library (<command>lwresd</command>
+ and <command>liblwres</command>) have been removed. [RT #45186]
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <command>dig +sigchase</command> and related options
+ <command>+trusted-keys</command> and <command>+topdown</command>
+ have been removed. <command>delv</command> is now the recommended
+ command for looking up records with DNSSEC validation.
+ [RT #42793]
</para>
</listitem>
<listitem>
<para>
The <command>isc-hmac-fixup</command> command, which was created
to address an interoperability problem in TSIG keys between
- early versions of BIND and other DNS implmentations, is now
+ early versions of BIND and other DNS implementations, is now
obsolete and has been removed. [RT #46411]
</para>
</listitem>
+ <listitem>
+ <para>
+ Windows XP and Windows 2003 are no longer supported platforms for
+ BIND; "XP" binaries are no longer available for download from
+ ISC.
+ </para>
+ </listitem>
</itemizedlist>
</section>
<section xml:id="relnotes_changes"><info><title>Feature Changes</title></info>
<itemizedlist>
- <listitem>
- <para>
- The ISC DNSSEC Lookaside Validation (DLV) service has been shut
- down; all DLV records in the dlv.isc.org zone have been removed.
- References to the service have been removed from BIND documentation.
- Lookaside validation is no longer used by default by
- <command>delv</command>. The DLV key has been removed from
- <filename>bind.keys</filename>. Setting
- <command>dnssec-lookaside</command> to
- <command>auto</command> or to use dlv.isc.org as a trust
- anchor is now a fatal configuration error. [RT #46155]
- </para>
- </listitem>
<listitem>
<para>
<command>named</command> will no longer start or accept
[RT #45492]
</para>
</listitem>
- <listitem>
- <para>
- The lightweight resolver daemon and library (<command>lwresd</command>
- and <command>liblwres</command>) have been removed. [RT #45186]
- </para>
- </listitem>
<listitem>
<para>
<command>dnssec-keygen</command> no longer has default
the event of RSASHA1 being deprecated. [RT #44755]
</para>
</listitem>
- <listitem>
- <para>
- <command>dig +sigchase</command> and related options
- <command>+trusted-keys</command> and <command>+topdown</command>
- have been removed. <command>delv</command> is now the recommended
- command for looking up records with DNSSEC validation.
- [RT #42793]
- </para>
- </listitem>
<listitem>
<para>
The Response Policy Zone (RPZ) implementation has been
Trust anchor telemetry messages, as specified by
RFC 8145, are now logged to the
<command>trust-anchor-telemetry</command> logging
- catagory.
+ category.
</para>
</listitem>
<listitem>
</itemizedlist>
</section>
- <section xml:id="relnotes_bugs"><info><title>Bug Fixes</title></info>
- <itemizedlist>
- <listitem>
- <para>
- Zones created with <command>rndc addzone</command> could
- temporarily fail to inherit the <command>allow-transfer</command>
- ACL set in the <command>options</command> section of
- <filename>named.conf</filename>. [RT #46603]
- </para>
- </listitem>
- <listitem>
- <para>
- The introduction of <command>libns</command> caused a bug
- in which TCP client objects were not recycled after use,
- leading to unconstrained memory growth. [RT #46029]
- </para>
- </listitem>
- <listitem>
- <para>
- Some header files included <isc/util.h> incorrectly as
- it pollutes with namespace with non ISC_ macros and this should
- only be done by explicitly including <isc/util.h>. This
- has been corrected. Some code may depend on <isc/util.h>
- being implicitly included via other header files. Such
- code should explicitly include <isc/util.h>.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>named</command> failed to properly determine whether
- there were active KSK and ZSK keys for an algorithm when
- <command>update-check-ksk</command> was true (which is the
- default setting). This could leave records unsigned
- when rolling keys. [RT #46743] [RT #46754] [RT #46774]
- </para>
- </listitem>
- </itemizedlist>
+ <section xml:id="relnotes_license"><info><title>License</title></info>
+ <para>
+ BIND is open source software licenced under the terms of the Mozilla
+ Public License, version 2.0 (see the <filename>LICENSE</filename>
+ file for the full text).
+ </para>
+ <para>
+ The license requires that if you make changes to BIND and distribute
+ them outside your organization, those changes must be published under
+ the same license. It does not require that you publish or disclose
+ anything other than the changes you have made to our software. This
+ requirement does not affect anyone who is using BIND, with or without
+ modifications, without redistributing it, nor anyone redistributing
+ BIND without changes.
+ </para>
+ <para>
+ Those wishing to discuss license compliance may contact ISC at
+ <link
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xlink:href="https://www.isc.org/mission/contact/">
+ https://www.isc.org/mission/contact/</link>.
+ </para>
</section>
<section xml:id="end_of_life"><info><title>End of Life</title></info>
<para>
- The end of life for BIND 9.12 is yet to be determined but
- will not be before BIND 9.14.0 has been released for 6 months.
+ The end-of-life date for BIND 9.12 has not yet been determined.
+ However, it is not intended to be an Extended Support Version (ESV)
+ branch; accordingly, support will end after the next stable
+ branch (9.14) becomes available. Those needing a longer-lived
+ branch are encouraged to use the current ESV, BIND 9.11, which
+ will be supported until December 2021. See
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://www.isc.org/downloads/software-support-policy/">https://www.isc.org/downloads/software-support-policy/</link>
+ for details of ISC's software support policy.
</para>
</section>
- <section xml:id="relnotes_thanks"><info><title>Thank You</title></info>
+ <section xml:id="relnotes_thanks"><info><title>Thank You</title></info>
<para>
Thank you to everyone who assisted us in making this release possible.
If you would like to contribute to ISC to assist us in continuing to
projects / thirdparty / bind9.git / commitdiff
