From 228a29da4b1f6b70edbbca5a06f0072e1325b3ba Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Thu, 3 Jan 2019 11:04:41 -0800
Subject: [PATCH] CHANGES, release note

(cherry picked from commit 244e44af432121a05e0a308b7ccce96a8ecd28ab)
(cherry picked from commit 79fad84bf6981dfd2a13971d966c0ebee057c448)
---
 CHANGES           | 4 ++++
 doc/arm/notes.xml | 7 +++++++
 2 files changed, 11 insertions(+)

diff --git a/CHANGES b/CHANGES
index 9e503a9f2b..c90a2b7cff 100644
--- a/CHANGES
+++ b/CHANGES
@@ -51,6 +51,10 @@
 
 5201.	[bug]		Fix a possible deadlock in RPZ update code. [GL #973]
 
+5200.	[security]	tcp-clients settings could be exceeded in some cases,
+			which could lead to exhaustion of file descriptors.
+			(CVE-2018-5743) [GL #615]
+
 5199.	[security]	In certain configurations, named could crash
 			if nxdomain-redirect was in use and a redirected
 			query resulted in an NXDOMAIN from the cache.
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 225a68245e..1d8747ae95 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -96,6 +96,13 @@
 	  cache. This flaw is disclosed in CVE-2019-6467. [GL #880]
 	</para>
       </listitem>
+      <listitem>
+	<para>
+	  The TCP client quota set using the <command>tcp-clients</command>
+	  option could be exceeded in some cases. This could lead to
+	  exhaustion of file descriptors. (CVE-2018-5743) [GL #615]
+	</para>
+      </listitem>
     </itemizedlist>
   </section>