From c63c6460198eae08223869e8c57e4f4f47f313dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Mon, 14 Aug 2023 11:20:41 +0200
Subject: [PATCH] Add CHANGES and release notes for [GL #4124]

(cherry picked from commit 57c8bdaff569373c8ff2e55eaf93d1f669dcfabf)
---
 CHANGES                     | 3 +++
 doc/notes/notes-current.rst | 8 ++++++++
 2 files changed, 11 insertions(+)

diff --git a/CHANGES b/CHANGES
index 669b4a7e49..8c037bc7bc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+6224.	[bug]		Check the If-Modified-Since value length to prevent
+			out-of-bounds write. [GL #4124]
+
 6220.	[func]		Deprecate the 'dialup' and 'heartbeat-interval'
 			options. [GL #3700]
 
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 2cd8105186..e8e2cabdfb 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -37,6 +37,14 @@ Bug Fixes
 
 - None.
 
+- The value of If-Modified-Since header in statistics channel was not checked
+  for length leading to possible buffer overflow by an authorized user.  We
+  would like to emphasize that statistics channel must be properly setup to
+  allow access only from authorized users of the system. :gl:`#4124`
+
+  This was reported independently by Eric Sesterhenn of X41 D-SEC and Cameron
+  Whitehead.
+
 Known Issues
 ~~~~~~~~~~~~