CHANGES and release notes for [GL #4089]

diff --git a/CHANGES b/CHANGES
index b34478bf5c58717be3d20d86c9fbe7608f449401..9bcfe6270f9f2c39356c72ed260e38c2a7e1ea0c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,10 @@
+6192.  [security]      A query that prioritizes stale data over lookup
+                       triggers a fetch to refresh the stale data in cache.
+                       If the fetch is aborted for exceeding the recursion
+                       quota, it was possible for 'named' to enter an infinite
+                       callback loop and crash due to stack overflow. This has
+                       been fixed. (CVE-2023-2911) [GL #4089]
+
 6190.  [security]      Improve the overmem cleaning process to prevent the
                        cache going over the configured limit. (CVE-2023-2828)
                        [GL #4055]

diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 78c3c048e2672690799202e361200c85c57921e5..3c706ebe986670c39588b4e3bb9060af9f4984a9 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -24,6 +24,12 @@ Security Fixes
   and Yuval Shavitt from Tel-Aviv University for bringing this vulnerability to
   our attention.  :gl:`#4055`
 
+- A query that prioritizes stale data over lookup triggers a fetch to refresh
+  the stale data in cache. If the fetch is aborted for exceeding the recursion
+  quota, it was possible for :iscman:`named` to enter an infinite callback
+  loop and crash due to stack overflow. This has been fixed. (CVE-2023-2911)
+  :gl:`#4089`
+
 New Features
 ~~~~~~~~~~~~