CHANGES, notes

author Matthijs Mekking <matthijs@isc.org>

Thu, 20 Dec 2018 09:22:02 +0000 (10:22 +0100)

committer Evan Hunt <each@isc.org>

Mon, 4 Feb 2019 23:08:38 +0000 (15:08 -0800)
author Matthijs Mekking <matthijs@isc.org>
Thu, 20 Dec 2018 09:22:02 +0000 (10:22 +0100)
committer Evan Hunt <each@isc.org>
Mon, 4 Feb 2019 23:08:38 +0000 (15:08 -0800)
diff --git a/CHANGES b/CHANGES

index 14940b83175999dd05ebea9dd76a95024ec9e0b0..8c24ab1b6d99bc566eb63ee4c66406096d6e0978 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+5118.  [security]      Named could crash if it is managing a key with
+                       `managed-keys` and the authoritative zone is rolling
+                       the key to an unsupported algorithm. (CVE-2018-5745)
+                       [GL #780]
+
         --- 9.12.3-P1 released ---
  
  5108.  [bug]           Named could fail to determine bottom of zone when
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml

index 0799f62d30128c70bb5c535289bc7a91f99b8908..ef9c8adb768ef52ad023a1fd8bb24ce0d02a2043 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -88,6 +88,14 @@
           for records in the zone. [GL #771]
         </para>
        </listitem>
+      <listitem>
+       <para>
+         <command>named</command> could crash if it managed a DNSSEC
+         security root with <command>managed-keys</command> and the
+         authoritative zone rolled the key to an algorithm not supported
+         by BIND 9.  This flaw is disclosed in CVE-2018-5745. [GL #780]
+       </para>
+      </listitem>
      </itemizedlist>
    </section>
author	Matthijs Mekking <matthijs@isc.org>
	Thu, 20 Dec 2018 09:22:02 +0000 (10:22 +0100)
committer	Evan Hunt <each@isc.org>
	Mon, 4 Feb 2019 23:08:38 +0000 (15:08 -0800)
CHANGES		patch \| blob \| blame \| history
doc/arm/notes.xml		patch \| blob \| blame \| history