CHANGES, release note

author Evan Hunt <each@isc.org>

Fri, 20 Sep 2019 00:51:51 +0000 (17:51 -0700)

committer Evan Hunt <each@isc.org>

Wed, 2 Oct 2019 05:37:58 +0000 (22:37 -0700)
author Evan Hunt <each@isc.org>
Fri, 20 Sep 2019 00:51:51 +0000 (17:51 -0700)
committer Evan Hunt <each@isc.org>
Wed, 2 Oct 2019 05:37:58 +0000 (22:37 -0700)
diff --git a/CHANGES b/CHANGES

index 250df8baf08647b0850e6b4f1226fb693b5e2b4b..0e582e6c511e6490370345bf662aa3dbd43b1ada 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,6 @@
-5299.  [placeholder]
+5299.  [security]      A flaw in DNSSEC verification when transferring
+                       mirror zones could allow data to be incorrectly
+                       marked valid. (CVE-2019-6475) [GL #16P]
  
  5298.  [security]      Named could assert if a forwarder returned a
                         referral, rather than resolving the query, when QNAME
diff --git a/doc/arm/notes-sec-fixes.xml b/doc/arm/notes-sec-fixes.xml

index 1ad79bdf1e8a5346fbb01e32f2428c723268f99e..67a60146a41f879b1d45bff119a0c2067589d6db 100644 (file)
--- a/doc/arm/notes-sec-fixes.xml
+++ b/doc/arm/notes-sec-fixes.xml
@@ -42,5 +42,12 @@
         disclosed in CVE-2019-6476. [GL #1501]
        </para>
      </listitem>
+    <listitem>
+      <para>
+       A flaw in DNSSEC verification when transferring mirror zones
+       could allow data to be incorrectly marked valid. This flaw
+       is disclosed in CVE-2019-6475. [GL #16P]
+      </para>
+    </listitem>
    </itemizedlist>
  </section>
author	Evan Hunt <each@isc.org>
	Fri, 20 Sep 2019 00:51:51 +0000 (17:51 -0700)
committer	Evan Hunt <each@isc.org>
	Wed, 2 Oct 2019 05:37:58 +0000 (22:37 -0700)
CHANGES		patch \| blob \| blame \| history
doc/arm/notes-sec-fixes.xml		patch \| blob \| blame \| history