add CVE, VU and CVSS

7ffe8661 · Mark Andrews · bed39bdf · 7ffe8661
Commit 7ffe8661 authored Nov 18, 2010 by Mark Andrews
--- a/CHANGES
+++ b/CHANGES
@@ -8,17 +8,25 @@
 			any matching RRSIG records.  A subsequent lookup of
 			of NO DATA cache entry could trigger a INSIST when the
 			unexpected RRSIG was also returned with the NO DATA
-			cache entry.  [RT #22288]
+			cache entry.
+
+			CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C)
+			CVE-2010-3613, VU#706148. [RT #22288]

 2969.	[security]	Fix acl type processing so that allow-query works
 			in options and view statements.  Also add a new
 			set of tests to verify proper functioning.
-			[RT #22418]
+
+			CVSS: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:O/RC:C)
+			CVE-2010-3615, VU#510208. [RT #22418]

 2968.	[security]	Named could fail to prove a data set was insecure
 			before marking it as insecure.  One set of conditions
 			that can trigger this occurs naturally when rolling
-			DNSKEY algorithms.  [RT #22309]
+			DNSKEY algorithms.
+
+			CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N/E:P/RL:O/RC:C)
+			CVE-2010-3614, VU#837744. [RT #22309]

 2967.	[bug]		'host -D' now turns on debugging messages earlier.
 			[RT #22361]