Add release note entry for [GL #3216]

author Artem Boldariev <artem@boldariev.com>

Thu, 24 Mar 2022 11:18:39 +0000 (13:18 +0200)

committer Michal Nowak <mnowak@isc.org>

Wed, 4 May 2022 17:57:37 +0000 (19:57 +0200)
author Artem Boldariev <artem@boldariev.com>
Thu, 24 Mar 2022 11:18:39 +0000 (13:18 +0200)
committer Michal Nowak <mnowak@isc.org>
Wed, 4 May 2022 17:57:37 +0000 (19:57 +0200)
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst

index fd7a2d5acd2164dfd82bbee21038f902dfe8da21..c934af9de6eec6536d132d513dd93eb2fd3daad4 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -17,6 +17,14 @@ Security Fixes
  
  - None.
  
+- Previously, TLS socket objects could be destroyed prematurely, which
+  triggered assertion failures in :iscman:`named` instances serving
+  DNS-over-HTTPS (DoH) clients. This has been fixed.
+
+  ISC would like to thank Thomas Amgarten from arcade solutions ag for
+  bringing this vulnerability to our attention. (CVE-2022-1183)
+  :gl:`#3216`
+
  Known Issues
  ~~~~~~~~~~~~
author	Artem Boldariev <artem@boldariev.com>
	Thu, 24 Mar 2022 11:18:39 +0000 (13:18 +0200)
committer	Michal Nowak <mnowak@isc.org>
	Wed, 4 May 2022 17:57:37 +0000 (19:57 +0200)