From: Evan Hunt <each@isc.org>
Date: Thu, 3 Jan 2019 19:04:41 +0000 (-0800)
Subject: CHANGES, release note
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf3930518cb925066ed73794c3e075831484cd0f;p=thirdparty%2Fbind9.git

CHANGES, release note

(cherry picked from commit ef15f7360784c5ec7341f3e4856a759cf1e2aedb)
(cherry picked from commit 802600b19d9adf9733e6577682c4ddaf3613e961)
---

diff --git a/CHANGES b/CHANGES
index 0101bfc4d53..cad2453659e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5200.	[security]	tcp-clients settings could be exceeded in some cases,
+			which could lead to exhaustion of file descriptors.
+			(CVE-2018-5743) [GL #615]
+
 5199.	[security]	In certain configurations, named could crash
 			if nxdomain-redirect was in use and a redirected
 			query resulted in an NXDOMAIN from the cache.
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 33b59547c31..1fe890917aa 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -48,6 +48,13 @@
 	  cache. This flaw is disclosed in CVE-2019-6467. [GL #880]
 	</para>
       </listitem>
+      <listitem>
+	<para>
+	  The TCP client quota set using the <command>tcp-clients</command>
+	  option could be exceeded in some cases. This could lead to
+	  exhaustion of file descriptors. (CVE-2018-5743) [GL #615]
+	</para>
+      </listitem>
     </itemizedlist>
   </section>