There are some security fixes:

Security Fixes
named could crash during recursive processing of DNAME records when deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740. [GL #387]

When recursion is enabled but the allow-recursion and allow-query-cache ACLs are not specified, they should be limited to local networks, but they were inadvertently set to match the default allow-query, thus allowing remote queries. This flaw is disclosed in CVE-2018-5738. [GL #309]

The serve-stale feature could cause an assertion failure in rbtdb.c even when stale-answer-enable was false. The simultaneous use of stale cache records and NSEC aggressive negative caching could trigger a recursion loop in the named process. This flaw is disclosed in CVE-2018-5737. [GL #185]

A bug in zone database reference counting could lead to a crash when multiple versions of a slave zone were transferred from a master in close succession. This flaw is disclosed in CVE-2018-5736. [GL #134]
Full changelog:

https://kb.isc.org/article/AA-01645/...ase-Notes.html