CHANGES, release note

author Evan Hunt <each@isc.org>

Tue, 12 Mar 2019 22:21:10 +0000 (15:21 -0700)

committer Ondřej Surý <ondrej@sury.org>

Thu, 25 Apr 2019 14:02:22 +0000 (16:02 +0200)
author Evan Hunt <each@isc.org>
Tue, 12 Mar 2019 22:21:10 +0000 (15:21 -0700)
committer Ondřej Surý <ondrej@sury.org>
Thu, 25 Apr 2019 14:02:22 +0000 (16:02 +0200)
diff --git a/CHANGES b/CHANGES

index 0b8494f518179f00e71e340187940d73909cb2bd..ae65fd45c80c7d37c754c22003e55034ea3f4822 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -55,7 +55,10 @@
  
  5200.  [placeholder]
  
-5199.  [placeholder]
+5199.  [security]      In certain configurations, named could crash
+                       if nxdomain-redirect was in use and a redirected
+                       query resulted in an NXDOMAIN from the cache.
+                       (CVE-2019-6467) [GL #880]
  
  5198.  [bug]           If a fetch context was being shut down and, at the same
                         time, we returned from qname minimization, an INSIST
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml

index 4ddca0057293aef9a9ad4a5bc1c23eff1102ddd6..ff01aaa38f82fe6b17e741cb4466bcccb5d07877 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -87,7 +87,10 @@
      <itemizedlist>
        <listitem>
          <para>
-         None.
+         In certain configurations, <command>named</command> could crash
+         with an assertion failure if <command>nxdomain-redirect</command>
+         was in use and a redirected query resulted in an NXDOMAIN from the
+         cache. This flaw is disclosed in CVE-2019-6467. [GL #880]
         </para>
        </listitem>
      </itemizedlist>
author	Evan Hunt <each@isc.org>
	Tue, 12 Mar 2019 22:21:10 +0000 (15:21 -0700)
committer	Ondřej Surý <ondrej@sury.org>
	Thu, 25 Apr 2019 14:02:22 +0000 (16:02 +0200)
CHANGES		patch \| blob \| blame \| history
doc/arm/notes.xml		patch \| blob \| blame \| history