]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
regen master
authorTinderbox User <tbox@isc.org>
Wed, 18 Nov 2015 01:04:11 +0000 (01:04 +0000)
committerTinderbox User <tbox@isc.org>
Wed, 18 Nov 2015 01:04:11 +0000 (01:04 +0000)
27 files changed:
FAQ
bin/dig/dig.1
bin/dig/dig.html
bin/dnssec/dnssec-importkey.8
bin/dnssec/dnssec-importkey.html
bin/dnssec/dnssec-revoke.8
bin/dnssec/dnssec-revoke.html
bin/dnssec/dnssec-settime.8
bin/dnssec/dnssec-settime.html
bin/python/dnssec-checkds.8
bin/python/dnssec-checkds.html
bin/tools/named-rrchecker.1
bin/tools/named-rrchecker.html
doc/arm/Bv9ARM.ch04.html
doc/arm/Bv9ARM.ch06.html
doc/arm/Bv9ARM.ch07.html
doc/arm/Bv9ARM.ch09.html
doc/arm/Bv9ARM.ch12.html
doc/arm/Bv9ARM.ch13.html
doc/arm/Bv9ARM.html
doc/arm/man.dig.html
doc/arm/man.dnssec-checkds.html
doc/arm/man.dnssec-importkey.html
doc/arm/man.dnssec-revoke.html
doc/arm/man.dnssec-settime.html
doc/arm/man.named-rrchecker.html
doc/arm/notes.html

diff --git a/FAQ b/FAQ
index ed6ec56b8f040a610a51956c26e9a196b6016488..29475d47a146681dac363ee49e9250082bfef17d 100644 (file)
--- a/FAQ
+++ b/FAQ
@@ -92,7 +92,7 @@ Q: I'm trying to use TSIG to authenticate dynamic updates or zone
    rejecting the TSIG. Why?
 
 A: This may be a clock skew problem. Check that the the clocks on the
-   client and server are properly synchronised (e.g., using ntp).
+   client and server are properly synchronized (e.g., using ntp).
 
 Q: I see a log message like the following. Why?
 
index e4ad387818bb1fa6dd6f31870c931c1266935b9b..e4d7fe35d16bf393654e8de3c93daa413283c06c 100644 (file)
@@ -207,7 +207,7 @@ Enable memory usage debugging\&.
 .PP
 \-p \fIport\fR
 .RS 4
-Send the query to a non\-standard port on the server, instead of the defaut port 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&.
+Send the query to a non\-standard port on the server, instead of the default port 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&.
 .RE
 .PP
 \-q \fIname\fR
index bebdd6753e9d99e26fd09a3ceb05ac5230788c94..d3a422b794bc220fc87d4c40550a96816bf29571 100644 (file)
 <dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
 <dd><p>
            Send the query to a non-standard port on the server,
-           instead of the defaut port 53. This option would be used
+           instead of the default port 53. This option would be used
            to test a name server that has been configured to listen
            for queries on a non-standard port number.
          </p></dd>
index 3940077200ac4186ba688049499068b0f3241160..042d4748166d4d5fd48bec997434f102fc711356 100644 (file)
@@ -44,7 +44,7 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
-dnssec-importkey \- Import DNSKEY records from external systems so they can be managed\&.
+dnssec-importkey \- import DNSKEY records from external systems so they can be managed
 .SH "SYNOPSIS"
 .HP \w'\fBdnssec\-importkey\fR\ 'u
 \fBdnssec\-importkey\fR [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-L\ \fR\fB\fIttl\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-P\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-h\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] {\fBkeyfile\fR}
index 6f1d657ffcf5c966a4dbdfe6f5387e9a90297009..219b13aa6dcb0175ab21026122e5fea051f841c6 100644 (file)
@@ -24,7 +24,7 @@
 <a name="man.dnssec-importkey"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-importkey</span> &#8212; Import DNSKEY records from external systems so they can be managed.</p>
+<p><span class="application">dnssec-importkey</span> &#8212; import DNSKEY records from external systems so they can be managed</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index a8b4b09dae3f61c9720226382c8584c76f532638..284c71072db0457d5f1ee995811220468814fbf6 100644 (file)
@@ -44,7 +44,7 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
-dnssec-revoke \- Set the REVOKED bit on a DNSSEC key
+dnssec-revoke \- set the REVOKED bit on a DNSSEC key
 .SH "SYNOPSIS"
 .HP \w'\fBdnssec\-revoke\fR\ 'u
 \fBdnssec\-revoke\fR [\fB\-hr\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-f\fR] [\fB\-R\fR] {keyfile}
index b2fa32d9c261313be46a5b5e5865705eeb4c8846..02d65f295a661bb33b0d32b8374ee2d9139110f7 100644 (file)
@@ -23,7 +23,7 @@
 <a name="man.dnssec-revoke"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
+<p><span class="application">dnssec-revoke</span> &#8212; set the REVOKED bit on a DNSSEC key</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index 599eca4776f14da6086a4c45fe6431483dc9671c..0409b958acef2bb818d5546b2fc64f544939b534 100644 (file)
@@ -44,7 +44,7 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
-dnssec-settime \- Set the key timing metadata for a DNSSEC key
+dnssec-settime \- set the key timing metadata for a DNSSEC key
 .SH "SYNOPSIS"
 .HP \w'\fBdnssec\-settime\fR\ 'u
 \fBdnssec\-settime\fR [\fB\-f\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-L\ \fR\fB\fIttl\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-P\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-I\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-D\ sync\ \fR\fB\fIdate/offset\fR\fR] [\fB\-h\fR] [\fB\-V\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] {keyfile}
index 509cf1190c9d27920f1d938de5cdc5c6d01604cf..f0d49331389e37900b360e22d2610b5ee8b0b473 100644 (file)
@@ -23,7 +23,7 @@
 <a name="man.dnssec-settime"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-settime</span> &#8212; Set the key timing metadata for a DNSSEC key</p>
+<p><span class="application">dnssec-settime</span> &#8212; set the key timing metadata for a DNSSEC key</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index 4706dc6ed5a6f4ba53a12d83467dd660073a5a5d..540c03d5454b7ebcaa4f913c78200014778ffbe2 100644 (file)
@@ -44,7 +44,7 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
-dnssec-checkds \- A DNSSEC delegation consistency checking tool\&.
+dnssec-checkds \- DNSSEC delegation consistency checking tool
 .SH "SYNOPSIS"
 .HP \w'\fBdnssec\-checkds\fR\ 'u
 \fBdnssec\-checkds\fR [\fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-f\ \fR\fB\fIfile\fR\fR] [\fB\-d\ \fR\fB\fIdig\ path\fR\fR] [\fB\-D\ \fR\fB\fIdsfromkey\ path\fR\fR] {zone}
index f7f49de367fdffa62bb63fba7fa0f5b85064c0ec..df2fa892cb9ee803956ee581dce38a714c569626 100644 (file)
@@ -23,7 +23,7 @@
 <a name="man.dnssec-checkds"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-checkds</span> &#8212; A DNSSEC delegation consistency checking tool.</p>
+<p><span class="application">dnssec-checkds</span> &#8212; DNSSEC delegation consistency checking tool</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index 6bb7121ed8b33a1034bdc3b18a642549c9095b1d..d021a916d1f218b68b9996e51c095f9388d6e59e 100644 (file)
@@ -44,7 +44,7 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
-named-rrchecker \- syntax checker for individual DNS resource records
+named-rrchecker \- syntax checker for individual DNS resource records
 .SH "SYNOPSIS"
 .HP \w'\fBnamed\-rrchecker\fR\ 'u
 \fBnamed\-rrchecker\fR [\fB\-h\fR] [\fB\-o\ \fR\fB\fIorigin\fR\fR] [\fB\-p\fR] [\fB\-u\fR] [\fB\-C\fR] [\fB\-T\fR] [\fB\-P\fR]
index d828cea5727060569cfd9b2ae15af548ef4a4af0..a577689ac0a67b2423d3da3008ed18beb8b96634 100644 (file)
@@ -24,7 +24,7 @@
 <a name="man.named-rrchecker"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">named-rrchecker</span> &#8212; syntax checker for individual DNS resource records</p>
+<p><span class="application">named-rrchecker</span> &#8212; syntax checker for individual DNS resource records</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index f437f657d325516a10610952a934e07e30c0b3e7..633ed672baff44fca8f2302807edad1ed99ec356 100644 (file)
       </p>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
+<p>
         As a slave zone can also be a master to other slaves, <span class="command"><strong>named</strong></span>,
         by default, sends <span class="command"><strong>NOTIFY</strong></span> messages for every zone
         it loads.  Specifying <span class="command"><strong>notify master-only;</strong></span> will
         cause <span class="command"><strong>named</strong></span> to only send <span class="command"><strong>NOTIFY</strong></span> for master
         zones that it loads.
-      </div>
+      </p>
+</div>
 </div>
 <div class="section">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
@@ -1064,9 +1066,11 @@ options {
 </pre>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
+<p>
           None of the keys listed in this example are valid.  In particular,
           the root key is not valid.
-        </div>
+        </p>
+</div>
 <p>
           When DNSSEC validation is enabled and properly configured,
           the resolver will reject any answers from signed, secure zones
@@ -1614,12 +1618,14 @@ $ <strong class="userinput"><code> /opt/pkcs11/usr/bin/softhsm-util --init-token
     </p>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
+<p>
       The latest OpenSSL versions as of this writing (January 2015)
       are 0.9.8zc, 1.0.0o, and 1.0.1j.
       ISC will provide updated patches as new versions of OpenSSL
       are released. The version number in the following examples
       is expected to change.
-    </div>
+    </p>
+</div>
 <p>
       Before building BIND 9 with PKCS#11 support, it will be
       necessary to build OpenSSL with the patch in place, and configure
@@ -1642,10 +1648,12 @@ $ <strong class="userinput"><code>patch -p1 -d openssl-0.9.8zc \
 </pre>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
-       Note that the patch file may not be compatible with the
+<p>
+       The patch file may not be compatible with the
        "patch" utility on all operating systems. You may need to
        install GNU patch.
-      </div>
+      </p>
+</div>
 <p>
        When building OpenSSL, place it in a non-standard
        location so that it does not interfere with OpenSSL libraries
index fadf671186452b19bbde5dafd11e6d653988a276..21b6a3652dc2b74a760c1c730ce9c990a08c9ecb 100644 (file)
                   followed by '%' to represent percents.
                 </p>
                 <p>
-                  The behaviour is exactly the same as
+                  The behavior is exactly the same as
                   <code class="varname">size_spec</code>, but
                   <code class="varname">size_or_percent</code> allows also
                   to specify a positive integer value followed by
@@ -3876,7 +3876,6 @@ options {
                   queries.
                   Caching may still occur as an effect the server's internal
                   operation, such as NOTIFY address lookups.
-                  See also <span class="command"><strong>fetch-glue</strong></span> above.
                 </p></dd>
 <dt><span class="term"><span class="command"><strong>request-nsid</strong></span></span></dt>
 <dd><p>
@@ -5242,13 +5241,15 @@ avoid-v6-udp-ports {};
                 </p>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
+<p>
                   If you do not wish the alternate transfer source
                   to be used, you should set
                   <span class="command"><strong>use-alt-transfer-source</strong></span>
                   appropriately and you should not depend upon
                   getting an answer back to the first refresh
                   query.
-                </div>
+                </p>
+</div>
 </dd>
 <dt><span class="term"><span class="command"><strong>alt-transfer-source-v6</strong></span></span></dt>
 <dd><p>
@@ -6334,7 +6335,7 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
                   may be sent while servicing a recursive query.
                   If more queries are sent, the recursive query
                   is terminated and returns SERVFAIL. Queries to
-                  look up top level comains such as "com" and "net"
+                  look up top level domains such as "com" and "net"
                   and the DNS root zone are exempt from this limitation.
                   The default is 75.
                 </p></dd>
@@ -6613,11 +6614,13 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
           </p>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
+<p>
             The real parent servers for these zones should disable all
             empty zone under the parent zone they serve.  For the real
             root servers, this is all built-in empty zones.  This will
             enable them to return referrals to deeper in the tree.
-          </div>
+          </p>
+</div>
 <div class="variablelist"><dl class="variablelist">
 <dt><span class="term"><span class="command"><strong>empty-server</strong></span></span></dt>
 <dd><p>
@@ -7055,7 +7058,7 @@ deny-answer-aliases { "example.net"; };
 <p>
                     A special form of local data is a CNAME whose target is a
                     wildcard such as *.example.com.
-                    It is used as if were an ordinary CNAME after the astrisk (*)
+                    It is used as if were an ordinary CNAME after the asterisk (*)
                     has been replaced with the query name.
                     The purpose for this special form is query logging in the
                     walled garden's authority DNS server.
@@ -9198,7 +9201,7 @@ example.com. NS ns2.example.net.
                     unsigned zone is transferred in or loaded from
                     disk and a signed version of the zone is served,
                     with possibly, a different serial number.  This
-                    behaviour is disabled by default.
+                    behavior is disabled by default.
                   </p></dd>
 <dt><span class="term"><span class="command"><strong>multi-master</strong></span></span></dt>
 <dd><p>
@@ -9413,7 +9416,7 @@ example.com. NS ns2.example.net.
                         The <em class="replaceable"><code>name</code></em> field
                         is subject to DNS wildcard expansion, and
                         this rule matches when the name being updated
-                        name is a valid expansion of the wildcard.
+                        is a valid expansion of the wildcard.
                       </p>
                     </td>
 </tr>
index 54d56fcb929fa0f135dc4d8f51fca99c3f7b8639..9ac05c223fbb7580b0cd63c7c0a6a0f312c017c9 100644 (file)
@@ -312,10 +312,12 @@ allow-query { !{ !10/8; any; }; key example; };
           </p>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
-            Note that if the <span class="command"><strong>named</strong></span> daemon is running as an
+<p>
+            If the <span class="command"><strong>named</strong></span> daemon is running as an
             unprivileged user, it will not be able to bind to new restricted
             ports if the server is reloaded.
-          </div>
+          </p>
+</div>
 </div>
 </div>
 <div class="section">
index 805853d581d5133bf47f3e2704e79ff09aac83b3..8fd712863860dc36ed3af7dc1bc94940c29e2507 100644 (file)
@@ -88,7 +88,7 @@
          records with an incorrect class to be be accepted,
          triggering a REQUIRE failure when those records
          were subsequently cached.  This flaw is disclosed
-         in CVE-2015-8000. [RT #4098]
+         in CVE-2015-8000. [RT #40987]
        </p></li>
 <li class="listitem"><p>
          An incorrect boundary check in the OPENPGPKEY rdatatype
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
 <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem"><p>
+         Updated the complied in addresses for H.ROOT-SERVERS.NET.
+       </p></li>
 <li class="listitem"><p>
          ACLs containing <span class="command"><strong>geoip asnum</strong></span> elements were
          not correctly matched unless the full organization name was
index 29529edee86ad663f2cf7fe47181e8f647ae7eed..86cc87436fbc6df48ebbad2b85297013beb5d756 100644 (file)
@@ -432,9 +432,13 @@ $ <strong class="userinput"><code>make</code></strong>
   </p></dd>
 </dl></div>
 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
-<h3 class="title">Note</h3>In practice, either -a or -r must be specified.  Others can
-   be optional; the underlying library routine tries to identify the
-   appropriate server and the zone name for the update.</div>
+<h3 class="title">Note</h3>
+<p>
+       In practice, either -a or -r must be specified.  Others can
+       be optional; the underlying library routine tries to identify the
+       appropriate server and the zone name for the update.
+   </p>
+</div>
 <p>
    Examples: assuming the primary authoritative server of the
    dynamic.example.com zone has an IPv6 address 2001:db8::1234,
index 0382467824607c11613fed2ffb8376fd031fa82c..08894680a0c386b84c1f1f675048d01666963082 100644 (file)
@@ -57,7 +57,7 @@
 <span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; A DNSSEC delegation consistency checking tool.</span>
+<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; DNSSEC delegation consistency checking tool</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-coverage.html"><span class="application">dnssec-coverage</span></a></span><span class="refpurpose"> &#8212; checks future DNSKEY coverage for a zone</span>
@@ -66,7 +66,7 @@
 <span class="refentrytitle"><a href="man.dnssec-dsfromkey.html"><span class="application">dnssec-dsfromkey</span></a></span><span class="refpurpose"> &#8212; DNSSEC DS RR generation tool</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; Import DNSKEY records from external systems so they can be managed.</span>
+<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; import DNSKEY records from external systems so they can be managed</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-keyfromlabel.html"><span class="application">dnssec-keyfromlabel</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
 <span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; Set the REVOKED bit on a DNSSEC key</span>
+<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; set the REVOKED bit on a DNSSEC key</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; Set the key timing metadata for a DNSSEC key</span>
+<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; set the key timing metadata for a DNSSEC key</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone signing tool</span>
 <span class="refentrytitle"><a href="man.named-journalprint.html"><span class="application">named-journalprint</span></a></span><span class="refpurpose"> &#8212; print zone journal in human-readable form</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; syntax checker for individual DNS resource records</span>
+<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; syntax checker for individual DNS resource records</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.nsupdate.html"><span class="application">nsupdate</span></a></span><span class="refpurpose"> &#8212; Dynamic DNS update utility</span>
index 268b8bea0910f4d30f997b8a5cdbbb3bd7ff33da..708572be9e5e6b66c076ef0e025a61b2c8b18d29 100644 (file)
 <span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; A DNSSEC delegation consistency checking tool.</span>
+<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; DNSSEC delegation consistency checking tool</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-coverage.html"><span class="application">dnssec-coverage</span></a></span><span class="refpurpose"> &#8212; checks future DNSKEY coverage for a zone</span>
 <span class="refentrytitle"><a href="man.dnssec-dsfromkey.html"><span class="application">dnssec-dsfromkey</span></a></span><span class="refpurpose"> &#8212; DNSSEC DS RR generation tool</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; Import DNSKEY records from external systems so they can be managed.</span>
+<span class="refentrytitle"><a href="man.dnssec-importkey.html"><span class="application">dnssec-importkey</span></a></span><span class="refpurpose"> &#8212; import DNSKEY records from external systems so they can be managed</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-keyfromlabel.html"><span class="application">dnssec-keyfromlabel</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
 <span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; Set the REVOKED bit on a DNSSEC key</span>
+<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; set the REVOKED bit on a DNSSEC key</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; Set the key timing metadata for a DNSSEC key</span>
+<span class="refentrytitle"><a href="man.dnssec-settime.html"><span class="application">dnssec-settime</span></a></span><span class="refpurpose"> &#8212; set the key timing metadata for a DNSSEC key</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone signing tool</span>
 <span class="refentrytitle"><a href="man.named-journalprint.html"><span class="application">named-journalprint</span></a></span><span class="refpurpose"> &#8212; print zone journal in human-readable form</span>
 </dt>
 <dt>
-<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; syntax checker for individual DNS resource records</span>
+<span class="refentrytitle"><a href="man.named-rrchecker.html"><span class="application">named-rrchecker</span></a></span><span class="refpurpose"> &#8212; syntax checker for individual DNS resource records</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.nsupdate.html"><span class="application">nsupdate</span></a></span><span class="refpurpose"> &#8212; Dynamic DNS update utility</span>
index f303ed742e8c32c8d8bae3a47cd461d87ead7eab..6137348ce60efba6652bb53857022e888e75aca9 100644 (file)
 <dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
 <dd><p>
            Send the query to a non-standard port on the server,
-           instead of the defaut port 53. This option would be used
+           instead of the default port 53. This option would be used
            to test a name server that has been configured to listen
            for queries on a non-standard port number.
          </p></dd>
index 35b0d0ddda18b5f24da9bcbb593a0e39d029bb43..8dd13053bffa5275b40985e626a6fbcb2a852541 100644 (file)
@@ -42,7 +42,7 @@
 <a name="man.dnssec-checkds"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-checkds</span> &#8212; A DNSSEC delegation consistency checking tool.</p>
+<p><span class="application">dnssec-checkds</span> &#8212; DNSSEC delegation consistency checking tool</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index 478ca15b37038ff9c2656b64781518d34a83cf87..5feae314d8a9c2c0a520a66b2c4adabdee87178d 100644 (file)
@@ -42,7 +42,7 @@
 <a name="man.dnssec-importkey"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-importkey</span> &#8212; Import DNSKEY records from external systems so they can be managed.</p>
+<p><span class="application">dnssec-importkey</span> &#8212; import DNSKEY records from external systems so they can be managed</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index bca580301bb5cc248d865afdcdc44254acb5b94e..b07c1c94fb5897c0e6ccbe336b447b2a8c9a64dd 100644 (file)
@@ -42,7 +42,7 @@
 <a name="man.dnssec-revoke"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
+<p><span class="application">dnssec-revoke</span> &#8212; set the REVOKED bit on a DNSSEC key</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index 9946cd0887513de396404de33faf3d2de0bbec3f..2a847b8d6d6e42d3f84342cc38d3df51cd0ee22f 100644 (file)
@@ -42,7 +42,7 @@
 <a name="man.dnssec-settime"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">dnssec-settime</span> &#8212; Set the key timing metadata for a DNSSEC key</p>
+<p><span class="application">dnssec-settime</span> &#8212; set the key timing metadata for a DNSSEC key</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index df84bb20cd8eaf8d798d15bca9eae68c6756c6ba..662c575cce0524be4a6fb15445caa3f1549ae12e 100644 (file)
@@ -42,7 +42,7 @@
 <a name="man.named-rrchecker"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
-<p><span class="application">named-rrchecker</span> &#8212; syntax checker for individual DNS resource records</p>
+<p><span class="application">named-rrchecker</span> &#8212; syntax checker for individual DNS resource records</p>
 </div>
 <div class="refsynopsisdiv">
 <h2>Synopsis</h2>
index 8f6157ed49a4ac031627b54b51ae0d2efc81ebc0..ad26702a323d1217a6c2d083e37dd0e6e4b527e3 100644 (file)
@@ -49,7 +49,7 @@
          records with an incorrect class to be be accepted,
          triggering a REQUIRE failure when those records
          were subsequently cached.  This flaw is disclosed
-         in CVE-2015-8000. [RT #4098]
+         in CVE-2015-8000. [RT #40987]
        </p></li>
 <li class="listitem"><p>
          An incorrect boundary check in the OPENPGPKEY rdatatype
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
 <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem"><p>
+         Updated the complied in addresses for H.ROOT-SERVERS.NET.
+       </p></li>
 <li class="listitem"><p>
          ACLs containing <span class="command"><strong>geoip asnum</strong></span> elements were
          not correctly matched unless the full organization name was