From 50405828436d8a61e253f1c6cd38271c7e097292 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 31 Mar 2020 14:02:22 +1100
Subject: [PATCH] Add CHANGES entry

---
 CHANGES | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/CHANGES b/CHANGES
index 7819b610f5..66fcf12ea0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,10 @@
+5395.	[security]	Further limit the number of queries that can be
+			triggered from a request.  Root and TLD servers
+			are no longer exempt from max-recursion-queries.
+			Fetches for missing name server address records
+			are limited to 4 for any domain. (CVE-2020-8616)
+			[GL #1388]
+
 5390.	[security]	Replaying a TSIG BADTIME response as a request could
 			trigger an assertion failure. (CVE-2020-8617)
 			[GL #1703]