commit 2e9d79f169663c9aff5f0dcdc626a2cd2dbb5892
Author: Evan Hunt <each@isc.org>
Date:   Tue Feb 3 18:30:38 2015 -0800

    [v9_9_6_patch] avoid crash due to managed-key rollover
    
    4053.	[security]	Revoking a managed trust anchor and supplying
    			an untrusted replacement could cause named
    			to crash with an assertion failure.
    			(CVE-2015-1349) [RT #38344]

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 7a9825b..5db2844 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -8508,6 +8508,12 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) {
 					     namebuf, tag);
 				trustkey = ISC_TRUE;
 			}
+		} else {
+			/*
+			 * No previously known key, and the key is not
+			 * secure, so skip it.
+			 */
+			continue;
 		}
 
 		/* Delete old version */
@@ -8556,7 +8562,7 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) {
 			trust_key(zone, keyname, &dnskey, mctx);
 		}
 
-		if (!deletekey) {
+		if (secure && !deletekey) {
 			INSIST(newkey || updatekey);
 			set_refreshkeytimer(zone, &keydata, now);
 		}