Add CHANGES note for [GL #3491]

author Aram Sargsyan <aram@isc.org>

Thu, 18 Aug 2022 09:20:21 +0000 (09:20 +0000)

committer Michał Kępień <michal@isc.org>

Thu, 8 Sep 2022 09:46:20 +0000 (11:46 +0200)
author Aram Sargsyan <aram@isc.org>
Thu, 18 Aug 2022 09:20:21 +0000 (09:20 +0000)
committer Michał Kępień <michal@isc.org>
Thu, 8 Sep 2022 09:46:20 +0000 (11:46 +0200)
diff --git a/CHANGES b/CHANGES

index a8cf9b21e8fc1382f894b7e5955a3c352c398d58..5456bcf7d23b5777fa4b71f29db9ae396e7f0a61 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+5959.  [security]      Fix memory leaks in the DH code when using OpenSSL 3.0.0
+                       and later versions. The openssldh_compare(),
+                       openssldh_paramcompare(), and openssldh_todns()
+                       functions were affected. (CVE-2022-2906) [GL #3491]
+
  5958.  [security]      When an HTTP connection was reused to get
                         statistics from the stats channel, and zlib
                         compression was in use, each successive
author	Aram Sargsyan <aram@isc.org>
	Thu, 18 Aug 2022 09:20:21 +0000 (09:20 +0000)
committer	Michał Kępień <michal@isc.org>
	Thu, 8 Sep 2022 09:46:20 +0000 (11:46 +0200)