Mention CVE-2023-50868 in CHANGES entry 6322

Since CVE-2023-50868 does not have a dedicated fix in BIND 9, mention
its CVE identifier in the CHANGES entry for CVE-2023-50387 (KeyTrap),
which accompanied the code change that addresses both of these
vulnerabilities.

diff --git a/CHANGES b/CHANGES
index 8dcb70e0e07cec9cd57d578b1aa3bb9e13955791..8498e65a83083c51da315d32b1a39eb4bc6c678f 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -85,6 +85,10 @@
                        condition due to DNS validation taking a long time.
                        (CVE-2023-50387) [GL #4424]
 
+                       The same code change also addresses another problem:
+                       preparing NSEC3 closest encloser proofs could exhaust
+                       available CPU resources. (CVE-2023-50868) [GL #4459]
+
 6321.  [security]      Change 6315 inadvertently introduced regressions that
                        could cause named to crash. [GL #4234]