From 0bf16e3d36c4abe5991db2d8992a680f000bf7d1 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Wed, 17 Jun 2015 11:19:53 +1000
Subject: [PATCH] add release notes for CVE-2015-4620

(cherry picked from commit 572e95f52a2156ab6147e29dd271f94a6a533537)
---
 doc/arm/notes.xml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 833067c7f5..84824c5899 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -39,8 +39,16 @@
     <title>Security Fixes</title>
     <itemizedlist>
       <listitem>
-	<para>None</para>
-      </listitem>
+	<para>
+	  On servers configured to perform DNSSEC validation an
+	  assertion failure could be triggered on answers from
+	  a specially configured server.
+	</para>
+        <para>
+	  This flaw was discovered by Breno Silveira Soares, and is
+	  disclosed in CVE-2015-4620. [RT #39795]
+        </para>
+      </listitem> 
     </itemizedlist>
   </sect2>
   <sect2 id="relnotes_features">