add CHANGES and release note entries

(cherry picked from commit 8134c9a3f3bf46455ce4d16f2bf01e086d20f69b)
(cherry picked from commit 193e59fb06687055c675d21f1829644673ac8db2)

diff --git a/CHANGES b/CHANGES
index 51f35ba18e2cf52486e95c3f28f1c79235620266..bad641724d7646ce60e128d3fa676254b3532440 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -91,6 +91,9 @@
 5111.  [bug]           Occluded DNSKEY records could make it into the
                        delegating NSEC/NSEC3 bitmap. [GL #742]
 
+5110.  [security]      Named leaked memory if there were multiple Key Tag
+                       EDNS options present. (CVE-2018-5744) [GL #772]
+
 5108.  [bug]           Named could fail to determine bottom of zone when
                        removing out of date keys leading to invalid NSEC
                        and NSEC3 records being added to the zone. [GL #771]

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index b1ee51bb7cec35dfd8982f691c04bd23f122879d..edb202459427c55f332fd8b10dcc5b91a88ef02b 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -114,6 +114,15 @@
          by BIND 9.  This flaw is disclosed in CVE-2018-5745. [GL #780]
        </para>
       </listitem>
+      <listitem>
+       <para>
+         <command>named</command> leaked memory when processing a
+         request with multiple Key Tag EDNS options present. ISC
+         would like to thank Toshifumi Sakaguchi for bringing this
+         to our attention.  This flaw is disclosed in CVE-2018-5744.
+         [GL #772]
+       </para>
+      </listitem>
     </itemizedlist>
   </section>