CHANGES, release note

(cherry picked from commit 9c492aba65c178f30baafeb5502013f95a9d5b9a) (cherry picked from commit ecb90158b6)
2026-06-14 11:40:03 -04:00 · 2018-07-05 20:48:26 -07:00 · 2018-07-05 20:48:26 -07:00 · ebee5bdfe5
commit ebee5bdfe5
parent 02e8b3f8dc
2 changed files with 11 additions and 0 deletions
--- a/4
+++ b/4
@ -27,6 +27,10 @@
 4990.	[bug]		Prevent a possible NULL reference in pkcs11-keygen.
 			[GL #401]

+4997.	[security]	named could crash during recursive processing
+			of DNAME records when "deny-answer-aliases" was
+			in use. (CVE-2018-5740) [GL #387]
+
 	--- 9.11.4 released ---

 	--- 9.11.4rc2 released ---
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@ -76,6 +76,13 @@

  <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
    <itemizedlist>
+      <listitem>
+	<para>
+	  <command>named</command> could crash during recursive processing
+	  of DNAME records when <command>deny-answer-aliases</command> was
+	  in use. This flaw is disclosed in CVE-2018-5740. [GL #387]
+	</para>
+      </listitem>
      <listitem>
 	<para>
 	  When recursion is enabled but the <command>allow-recursion</command>