Add Release Note for [GL #2950]

author Petr Špaček <pspacek@isc.org>

Fri, 25 Feb 2022 14:14:23 +0000 (15:14 +0100)

committer Michał Kępień <michal@isc.org>

Thu, 3 Mar 2022 12:33:00 +0000 (13:33 +0100)
author Petr Špaček <pspacek@isc.org>
Fri, 25 Feb 2022 14:14:23 +0000 (15:14 +0100)
committer Michał Kępień <michal@isc.org>
Thu, 3 Mar 2022 12:33:00 +0000 (13:33 +0100)
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst

index d4649724e2e14306d43856f5940916727ab78f45..3b0f2602fa7205a76e7674f893bfb02eb09bad39 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -15,7 +15,14 @@ Notes for BIND 9.16.27
  Security Fixes
  ~~~~~~~~~~~~~~
  
-- None.
+- The rules for acceptance of records into the cache have been tightened
+  to prevent the possibility of poisoning if forwarders send records
+  outside the configured bailiwick. (CVE-2021-25220)
+
+  ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from
+  Network and Information Security Lab, Tsinghua University, and
+  Changgen Zou from Qi An Xin Group Corp. for bringing this
+  vulnerability to our attention. :gl:`#2950`
  
  Known Issues
  ~~~~~~~~~~~~
author	Petr Špaček <pspacek@isc.org>
	Fri, 25 Feb 2022 14:14:23 +0000 (15:14 +0100)
committer	Michał Kępień <michal@isc.org>
	Thu, 3 Mar 2022 12:33:00 +0000 (13:33 +0100)