CHANGES, release note

b4b4277f · Evan Hunt · 3f907b8b · b4b4277f · b4b4277f
Commit b4b4277f authored Jul 05, 2018 by Evan Hunt
--- a/CHANGES
+++ b/CHANGES
@@ -30,7 +30,9 @@
  
 4998.	[test]		Make resolver and cacheclean tests more civilized.
  
-4997.	[placeholder]
+4997.	[security]	named could crash during recursive processing
+			of DNAME records when "deny-answer-aliases" was
+			in use. (CVE-2018-5740) [GL #387]
  
 4996.	[bug]		dig: Handle malformed +ednsopt option. [GL #403]
  

--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -72,6 +72,13 @@
 	  remote queries. This flaw is disclosed in CVE-2018-5738. [GL #309]
 	</para>
      </listitem>
+      <listitem>
+	<para>
+	  <command>named</command> could crash during recursive processing
+	  of DNAME records when <command>deny-answer-aliases</command> was
+	  in use. This flaw is disclosed in CVE-2018-5740. [GL #387]
+	</para>
+      </listitem>
    </itemizedlist>
  </section>