From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Thu, 24 Apr 2025 08:10:44 +0000 (+0200)
Subject: NEWS: classify these issues as "security"
X-Git-Tag: v6.0.12~1^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f09ed9518bba2b0933048dc999bf1a18328487e7;p=thirdparty%2Fknot-resolver.git

NEWS: classify these issues as "security"

If an attacker can control client's queries
(and register names with malicious auths),
with enough work they probably can trigger the conditions often.
---

diff --git a/NEWS b/NEWS
index 4ff8bd37b..dfaa1475f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,12 @@
 Knot Resolver 6.0.12 (2025-0m-dd)
 =================================
 
+Security
+--------
+- DoS: fix rare crashes with either of the lines below (!1682)
+  [system] requirement "h && h->end > h->begin" failed in queue_pop_impl
+  [system] requirement "val == task" failed in session2_tasklist_del
+
 Bugfixes
 --------
 - daemon: fix DoH with multiple "parallel" queries in one connection (#931, !1677)
@@ -11,9 +17,6 @@ Bugfixes
 Improvements
 ------------
 - /local-data/rpz/*/watchdog: new configuration to enable watchdog for RPZ files (!1665)
-- daemon: fix rare crashes with either of the lines below
-  [system] requirement "h && h->end > h->begin" failed in queue_pop_impl
-  [system] requirement "val == task" failed in session2_tasklist_del
 
 
 Knot Resolver 6.0.11 (2025-02-26)