1.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
2..
3.. SPDX-License-Identifier: MPL-2.0
4..
5.. This Source Code Form is subject to the terms of the Mozilla Public
6.. License, v. 2.0.  If a copy of the MPL was not distributed with this
7.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
8..
9.. See the COPYRIGHT file distributed with this work for additional
10.. information regarding copyright ownership.
11
12Notes for BIND 9.18.9
13---------------------
14
15Bug Fixes
16~~~~~~~~~
17
18- A crash was fixed that happened when a :any:`dnssec-policy` zone that
19  used NSEC3 was reconfigured to enable :any:`inline-signing`.
20  :gl:`#3591`
21
22- In certain resolution scenarios, quotas could be erroneously reached
23  for servers, including any configured forwarders, resulting in
24  SERVFAIL answers being sent to clients. This has been fixed.
25  :gl:`#3598`
26
27- ``rpz-ip`` rules in :any:`response-policy` zones could be ineffective
28  in some cases if a query had the CD (Checking Disabled) bit set to 1.
29  This has been fixed. :gl:`#3247`
30
31- Previously, if Internet connectivity issues were experienced during
32  the initial startup of :iscman:`named`, a BIND resolver with
33  :any:`dnssec-validation` set to ``auto`` could enter into a state
34  where it would not recover without stopping :iscman:`named`, manually
35  deleting the ``managed-keys.bind`` and ``managed-keys.bind.jnl``
36  files, and starting :iscman:`named` again. This has been fixed.
37  :gl:`#2895`
38
39- The statistics counter representing the current number of clients
40  awaiting recursive resolution results (``RecursClients``) could
41  overflow in certain resolution scenarios. This has been fixed.
42  :gl:`#3584`
43
44- Previously, the port in remote servers such as in :any:`primaries` and
45  :any:`parental-agents` could be wrongly configured because of an
46  inheritance bug. This has been fixed. :gl:`#3627`
47
48- Previously, BIND failed to start on Solaris-based systems with
49  hundreds of CPUs. This has been fixed. :gl:`#3563`
50
51- When a DNS resource record's TTL value was equal to the resolver's
52  configured :any:`prefetch` "eligibility" value, the record was
53  erroneously not treated as eligible for prefetching. This has been
54  fixed. :gl:`#3603`
55
56Known Issues
57~~~~~~~~~~~~
58
59- There are no new known issues with this release. See :ref:`above
60  <relnotes_known_issues>` for a list of all known issues affecting this
61  BIND 9 branch.
62