update for CVE-2016-9444

author Mark Andrews <marka@isc.org>

Tue, 22 Nov 2016 01:46:27 +0000 (12:46 +1100)

committer Mark Andrews <marka@isc.org>

Tue, 22 Nov 2016 01:50:07 +0000 (12:50 +1100)
author Mark Andrews <marka@isc.org>
Tue, 22 Nov 2016 01:46:27 +0000 (12:46 +1100)
committer Mark Andrews <marka@isc.org>
Tue, 22 Nov 2016 01:50:07 +0000 (12:50 +1100)
diff --git a/README b/README

index 6739ffec32dec96fcb4e10007a45c2b0b7002aa1..880d801c874501a62239ca14a2e2bdfddd45218a 100644 (file)
--- a/README
+++ b/README
@@ -53,7 +53,8 @@ BIND 9
  
  BIND 9.10.4-P5
  
-       This version contains a fix for CVE-2016-9131 and CVE-2016-9147.
+       This version contains a fix for CVE-2016-9131, CVE-2016-9147
+       and CVE-2016-9444.
  
  BIND 9.10.4-P4
  
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml

index cb8266c46b2184b4f6ea5db5441c40d8444a9229..ca1ae803fd68ec1eec38655d1fe84b83ee4e61e8 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -25,7 +25,7 @@
      </para>
      <para>
        BIND 9.10.4-P5 addresses the security issues described in
-      CVE-2016-9131 and CVE-2016-9147.
+      CVE-2016-9131, CVE-2016-9147 and CVE-2016-9444.
      </para>
      <para>
        BIND 9.10.4-P4 addresses the security issue described in
@@ -61,6 +61,13 @@
  
    <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
      <itemizedlist>
+      <listitem>
+       <para>
+         Named could mishandle authority sections that were missing
+         RRSIGs triggering an assertion failure.  This flaw is
+         disclosed in CVE-2016-9444. [RT # 43632]
+       </para>
+      </listitem>
        <listitem>
         <para>
           Named mishandled some responses where covering RRSIG
author	Mark Andrews <marka@isc.org>
	Tue, 22 Nov 2016 01:46:27 +0000 (12:46 +1100)
committer	Mark Andrews <marka@isc.org>
	Tue, 22 Nov 2016 01:50:07 +0000 (12:50 +1100)
README		patch \| blob \| blame \| history
doc/arm/notes.xml		patch \| blob \| blame \| history