From fa1f25ce833a51a5ddf89e71801d0f64dbbe5e2b Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Fri, 9 Sep 2016 11:52:19 +1000
Subject: [PATCH] add CVE-2016-2776

---
 doc/arm/notes.xml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 8e555c91f2..410e61bab8 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -42,6 +42,13 @@
 
   <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
     <itemizedlist>
+      <listitem>
+	<para>
+	  It was possible to trigger a assertion when rendering a
+	  message using a specially crafted request. This flaw is
+	  disclosed in CVE-2016-2776. [RT #43139]
+	</para>
+      </listitem>
       <listitem>
 	<para>
 	 getrrsetbyname with a non absolute name could trigger an