CHANGES, notes

diff --git a/CHANGES b/CHANGES
index c43c9db24bed5d0727aa6bef50ea07de52645006..790d28111d44505edeeb23197deca7ac4f2d358b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -157,7 +157,10 @@
 
 5119.  [placeholder]
 
-5118.  [placeholder]
+5118.  [security]      Named could crash if it is managing a key with
+                       `managed-keys` and the authoritative zone is rolling
+                       the key to an unsupported algorithm. (CVE-2018-5745)
+                       [GL #780]
 
 5117.  [placeholder]
 

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 83cdfc2bae55148814aa074360f4accf27bf157d..e7ebbd0fb2ea3c97541540f9a53efa06ad1cffb3 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -140,6 +140,14 @@
          for records in the zone. [GL #771]
        </para>
       </listitem>
+      <listitem>
+       <para>
+         <command>named</command> could crash if it managed a DNSSEC
+         security root with <command>managed-keys</command> and the
+         authoritative zone rolled the key to an algorithm not supported
+         by BIND 9.  This flaw is disclosed in CVE-2018-5745. [GL #780]
+       </para>
+      </listitem>
     </itemizedlist>
   </section>