add CVE-2016-8864

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index ea0763bd5f7a974f27e7a455ed95492322c34c12..1ed9e155507c3f4c2b962fe62be753116f2642ce 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -23,6 +23,10 @@
     <para>
       This document summarizes changes since BIND 9.10.4:
     </para>
+    <para>
+      BIND 9.10.4-P4 addresses the security issue described in
+      CVE-2016-8864.
+    </para>
     <para>
       BIND 9.10.4-P3 addresses the security issue described in
       CVE-2016-2776 and addresses an interoperability issue with
@@ -53,6 +57,12 @@
 
   <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
     <itemizedlist>
+      <listitem>
+       <para>
+         It was possible to trigger assertions when processing 
+         a response. This flaw is disclosed in CVE-2016-8864. [RT #43465]
+       </para>
+      </listitem>
       <listitem>
        <para>
          It was possible to trigger a assertion when rendering a