The ISC have made a breaking change to BIND in version 9.20.0.
We've updated the stealth secondary sample.named.conf with the required change, otherwise
if you receive "too many records" errors you can add
max-records-per-type 0
to misbehaving zones.
This should not be a major problem with the security issue as you should not have too many clients, and there are only a few names with a large number of associated RRs.