From 7f24d4b4764d6cb8665cf1ca8118ad7eef991eff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Wed, 17 Jun 2020 14:28:23 +0200
Subject: [PATCH] Add CHANGES and release note for #1933

---
 CHANGES                     | 2 ++
 doc/notes/notes-current.rst | 7 ++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 4d69ed5372..1ef3b55bf8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+5445.	[cleanup]	Disable and disallow static linking. [GL #1933]
+
 5444.	[bug]		'rndc dnstap -roll <value>' was not limiting the
 			number of saved files to <value>. [GL !3728]
 
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 862929d49e..8c6e86a3b9 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -29,7 +29,12 @@ New Features
 Feature Changes
 ~~~~~~~~~~~~~~~
 
-- None.
+- Disable and disallow static linking of BIND 9 binaries and libraries
+  as BIND 9 modules require ``dlopen()`` support and static linking also
+  prevents using security features like read-only relocations (RELRO) or
+  address space layout randomization (ASLR) which are important for
+  programs that interact with the network and process arbitrary user
+  input. [GL #1933]
 
 Bug Fixes
 ~~~~~~~~~