Add CHANGES and release note for [GL #4424]

author Ondřej Surý <ondrej@isc.org>

Tue, 16 Jan 2024 10:46:29 +0000 (11:46 +0100)

committer Michał Kępień <michal@isc.org>

Thu, 22 Feb 2024 12:22:01 +0000 (13:22 +0100)
author Ondřej Surý <ondrej@isc.org>
Tue, 16 Jan 2024 10:46:29 +0000 (11:46 +0100)
committer Michał Kępień <michal@isc.org>
Thu, 22 Feb 2024 12:22:01 +0000 (13:22 +0100)
diff --git a/CHANGES b/CHANGES

index e4d33bf0a1afa0a83d9d76bf3b38723c98480233..32a971c6a68d72a7b0d96f95bf8f12d3979e09e4 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,14 @@
                         records are put in the beginning of the slabheader
                         linked list. [GL !8675]
  
+6322.  [security]      Specific DNS answers could cause a denial-of-service
+                       condition due to DNS validation taking a long time.
+                       (CVE-2023-50387) [GL #4424]
+
+                       The same code change also addresses another problem:
+                       preparing NSEC3 closest encloser proofs could exhaust
+                       available CPU resources. (CVE-2023-50868) [GL #4459]
+
  6315.  [security]      Speed up parsing of DNS messages with many different
                         names. (CVE-2023-4408) [GL #4234]
author	Ondřej Surý <ondrej@isc.org>
	Tue, 16 Jan 2024 10:46:29 +0000 (11:46 +0100)
committer	Michał Kępień <michal@isc.org>
	Thu, 22 Feb 2024 12:22:01 +0000 (13:22 +0100)