This document summarizes changes since the last production
release on the BIND 9.10 branch.
Please see the
CHANGES file for a further
list of bug fixes and other changes.
The latest versions of BIND 9 software can always be found at http://www.isc.org/downloads/. There you will find additional information about each release, source code, and pre-compiled versions for Microsoft Windows operating systems.
As of BIND 9.10.6, Windows XP and Windows 2003 are no longer supported platforms for BIND; "XP" binaries are no longer available for download from ISC.
When recursion is enabled but the allow-recursion and allow-query-cache ACLs are not specified, they should be limited to local networks, but they were inadvertently set to match the default allow-query, thus allowing remote queries. This flaw is disclosed in CVE-2018-5738. [GL #309]
Add root key sentinel support which enables resolvers to test which trust anchors are configured for the root. To disable, add 'root-key-sentinel no;' to named.conf. [GL #37]
rndc reload could cause named to leak memory if it was invoked before the zone loading actions from a previous rndc reload command were completed. [RT #47076]
BIND 9.10 will be supported until June, 2018, at which time this final maintenance release will be published for the branch. For those needing long-term support, the current Extended Support Version is BIND 9.11, which will be supported until at least December, 2021. The current stable branch is BIND 9.12. See https://www.isc.org/downloads/software-support-policy/ for details of ISC's software support policy.
Thank you to everyone who assisted us in making this release possible. If you would like to contribute to ISC to assist us in continuing to make quality open source software, please visit our donations page at http://www.isc.org/donate/.