From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Mon, 22 Jan 2018 10:45:44 +0000 (+0100)
Subject: security release 1.5.2
X-Git-Tag: v1.5.2^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf4fd3145e68a1b8ab80dc62c9bbbf97943b4c83;p=thirdparty%2Fknot-resolver.git

security release 1.5.2
---

diff --git a/NEWS b/NEWS
index c375ed0b0..b44f6c906 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,18 @@
+Knot Resolver 1.5.2 (2017-01-22)
+================================
+
+Security
+--------
+- fix CVE-2018-1000002: insufficient DNSSEC validation, allowing
+  attackers to deny existence of some data by forging packets.
+  Some combinations pointed out in RFC 6840 sections 4.1 and 4.3
+  were not taken into account.
+
+Bugfixes
+--------
+- memcached: fix fallout from module rename in 1.5.1
+
+
 Knot Resolver 1.5.1 (2017-12-12)
 ================================
 
diff --git a/config.mk b/config.mk
index 3bdb65f18..a708c24bd 100644
--- a/config.mk
+++ b/config.mk
@@ -1,7 +1,7 @@
 # Project
 MAJOR := 1
 MINOR := 5
-PATCH := 1
+PATCH := 2
 EXTRA :=
 ABIVER := 4
 BUILDMODE := dynamic