From: Mark Andrews <marka@isc.org>
Date: Sun, 9 Dec 2018 22:13:05 +0000 (+1100)
Subject: add CHANGES and release note entries
X-Git-Tag: v9.12.4rc1~4^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=78928f17ee188992f84151f0ad6d5f3def5a335f;p=thirdparty%2Fbind9.git

add CHANGES and release note entries

(cherry picked from commit 8134c9a3f3bf46455ce4d16f2bf01e086d20f69b)
---

diff --git a/CHANGES b/CHANGES
index 3f9e8ec0680..deece4bf083 100644
--- a/CHANGES
+++ b/CHANGES
@@ -101,6 +101,9 @@
 5111.	[bug]		Occluded DNSKEY records could make it into the
 			delegating NSEC/NSEC3 bitmap. [GL #742]
 
+5110.	[security]	Named leaked memory if there were multiple Key Tag
+			EDNS options present. (CVE-2018-5744) [GL #772]
+
 5108.	[bug]		Named could fail to determine bottom of zone when
 			removing out of date keys leading to invalid NSEC
 			and NSEC3 records being added to the zone. [GL #771]
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 6b89fce96f8..d210b7088fe 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -96,6 +96,15 @@
 	  by BIND 9.  This flaw is disclosed in CVE-2018-5745. [GL #780]
 	</para>
       </listitem>
+      <listitem>
+	<para>
+	  <command>named</command> leaked memory when processing a
+	  request with multiple Key Tag EDNS options present. ISC
+	  would like to thank Toshifumi Sakaguchi for bringing this
+	  to our attention.  This flaw is disclosed in CVE-2018-5744.
+	  [GL #772]
+	</para>
+      </listitem>
     </itemizedlist>
   </section>