CHANGES, release note

author Evan Hunt <each@isc.org>

Fri, 20 Sep 2019 00:51:51 +0000 (17:51 -0700)

committer Evan Hunt <each@isc.org>

Wed, 2 Oct 2019 05:38:45 +0000 (22:38 -0700)
author Evan Hunt <each@isc.org>
Fri, 20 Sep 2019 00:51:51 +0000 (17:51 -0700)
committer Evan Hunt <each@isc.org>
Wed, 2 Oct 2019 05:38:45 +0000 (22:38 -0700)
diff --git a/CHANGES b/CHANGES

index e9c8fe1025fc561432d9e3e2beb915a3e48053a8..12a1d8a54e8a18011e8d45d70287a3badb20400b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5299.  [security]      A flaw in DNSSEC verification when transferring
+                       mirror zones could allow data to be incorrectly
+                       marked valid. (CVE-2019-6475) [GL #16P]
+
  5298.  [security]      Named could assert if a forwarder returned a
                         referral, rather than resolving the query, when QNAME
                         minimization was enabled. (CVE-2019-6476) [GL #1051]
diff --git a/doc/arm/notes-sec-fixes.xml b/doc/arm/notes-sec-fixes.xml

index 3e718fa2fc8f6f79b44ae3b4e96b581383715239..14b960aebdde9a34e181f0c07a045a7fd08985e7 100644 (file)
--- a/doc/arm/notes-sec-fixes.xml
+++ b/doc/arm/notes-sec-fixes.xml
@@ -26,5 +26,12 @@
         disclosed in CVE-2019-6476. [GL #1501]
        </para>
      </listitem>
+    <listitem>
+      <para>
+       A flaw in DNSSEC verification when transferring mirror zones
+       could allow data to be incorrectly marked valid. This flaw
+       is disclosed in CVE-2019-6475. [GL #16P]
+      </para>
+    </listitem>
    </itemizedlist>
  </section>
author	Evan Hunt <each@isc.org>
	Fri, 20 Sep 2019 00:51:51 +0000 (17:51 -0700)
committer	Evan Hunt <each@isc.org>
	Wed, 2 Oct 2019 05:38:45 +0000 (22:38 -0700)
CHANGES		patch \| blob \| blame \| history
doc/arm/notes-sec-fixes.xml		patch \| blob \| blame \| history