[v9_10_1_patch] add CVE

author Evan Hunt <each@isc.org>

Tue, 18 Nov 2014 08:05:13 +0000 (00:05 -0800)

committer Evan Hunt <each@isc.org>

Tue, 18 Nov 2014 08:08:33 +0000 (00:08 -0800)
author Evan Hunt <each@isc.org>
Tue, 18 Nov 2014 08:05:13 +0000 (00:05 -0800)
committer Evan Hunt <each@isc.org>
Tue, 18 Nov 2014 08:08:33 +0000 (00:08 -0800)
diff --git a/CHANGES b/CHANGES

index 3b9b0e6e570d5fef77a2be4726c0ec28034cf496..7629f361fbf1e9ff593a0a5e2a16cfacf2ea7000 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -13,15 +13,16 @@
                         named run-time, the previously loaded GeoIP
                         data could remain, potentially causing wrong
                         ACLs to be used or wrong results to be served
-                       based on geolocation. [RT #37720]
+                       based on geolocation (CVE-2014-8680). [RT #37720]
  
  4002.  [security]      Lookups in GeoIP databases that were not
-                       loaded could cause an assertion failure.
-                       [RT #37679]
+                       loaded could cause an assertion failure
+                       (CVE-2014-8680). [RT #37679]
  
  4001.  [security]      The caching of GeoIP lookups did not always
                         handle address families correctly, potentially
-                       resulting in an assertion failure. [RT #37672]
+                       resulting in an assertion failure (CVE-2014-8680).
+                       [RT #37672]
  
         --- 9.10.1 released ---
author	Evan Hunt <each@isc.org>
	Tue, 18 Nov 2014 08:05:13 +0000 (00:05 -0800)
committer	Evan Hunt <each@isc.org>
	Tue, 18 Nov 2014 08:08:33 +0000 (00:08 -0800)