update for CVE-2016-9444

diff --git a/README b/README
index 8f7eb97c19524593448d7a16b64e73de40b1b0ce..68a671fea979c6fa03a866db434510aeb65cbd30 100644 (file)
--- a/README
+++ b/README
@@ -53,7 +53,8 @@ BIND 9
 
 BIND 9.11.0-P2
 
-       This version contains a fix for CVE-2016-9131 and CVE-2016-9147.
+       This version contains a fix for CVE-2016-9131, CVE-2016-9147
+       and CVE-2016-9444.
 
 BIND 9.11.0-P1
 

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 75de655f8784e5d24d879c30dde357fa15a69d4f..40e7a747b11a0ea127e55ca7ab4df0bca7e9fd25 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -17,7 +17,7 @@
     </para>
     <para>
       BIND 9.11.0-P2 addresses the security issues described in
-      CVE-2016-9131 and CVE-2016-9147.
+      CVE-2016-9131, CVE-2016-9147 and CVE-2016-9444.
     </para>
     <para>
       BIND 9.11.0-P1 addresses the security issue described in
@@ -40,10 +40,17 @@
     <itemizedlist>
       <listitem>
        <para>
-        Named mishandled some responses where covering RRSIG
-        records are returned without the requested data
-        resulting in a assertion failure. This flaw is disclosed in
-        CVE-2016-9147. [RT #43548]
+         Named could mishandle authority sections that were missing
+         RRSIGs triggering an assertion failure.  This flaw is
+         disclosed in CVE-2016-9444. [RT # 43632]
+       </para>
+      </listitem>
+      <listitem>
+       <para>
+         Named mishandled some responses where covering RRSIG
+         records are returned without the requested data
+         resulting in a assertion failure. This flaw is disclosed in
+         CVE-2016-9147. [RT #43548]
        </para>
       </listitem>
       <listitem>