add CHANGES and release note entries

(cherry picked from commit 8134c9a3f3bf46455ce4d16f2bf01e086d20f69b)

diff --git a/CHANGES b/CHANGES
index 3f9e8ec0680ef4bf77172d87c503791f5b7201ae..deece4bf08376464edf12b911cc411b04cc3ee57 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -101,6 +101,9 @@
 5111.  [bug]           Occluded DNSKEY records could make it into the
                        delegating NSEC/NSEC3 bitmap. [GL #742]
 
+5110.  [security]      Named leaked memory if there were multiple Key Tag
+                       EDNS options present. (CVE-2018-5744) [GL #772]
+
 5108.  [bug]           Named could fail to determine bottom of zone when
                        removing out of date keys leading to invalid NSEC
                        and NSEC3 records being added to the zone. [GL #771]

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 6b89fce96f8fb21055a2737c21edde224112f093..d210b7088fe06dd9d86681e8ba4d39ce5a824df8 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -96,6 +96,15 @@
          by BIND 9.  This flaw is disclosed in CVE-2018-5745. [GL #780]
        </para>
       </listitem>
+      <listitem>
+       <para>
+         <command>named</command> leaked memory when processing a
+         request with multiple Key Tag EDNS options present. ISC
+         would like to thank Toshifumi Sakaguchi for bringing this
+         to our attention.  This flaw is disclosed in CVE-2018-5744.
+         [GL #772]
+       </para>
+      </listitem>
     </itemizedlist>
   </section>