diff --git a/CHANGES b/CHANGES
index ea4c1e16a6..b636576dc0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -71,7 +71,8 @@
 
 1839.	[bug]		<isc/hash.h> was not being installed.
 
-1838.	[placeholder]	rt13707
+1838.	[cleanup]	Don't allow Linux capabilities to be inherited.
+			[RT #13707]
 
 1837.	[bug]		Compile time option ISC_FACILITY was not effective
 			for 'named -u <user>'.  [RT #13714]
diff --git a/bin/named/unix/os.c b/bin/named/unix/os.c
index e453c7b488..43907bf1ef 100644
--- a/bin/named/unix/os.c
+++ b/bin/named/unix/os.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: os.c,v 1.74 2005/04/27 04:56:02 sra Exp $ */
+/* $Id: os.c,v 1.75 2005/05/20 01:37:03 marka Exp $ */
 
 /*! \file */
 
@@ -164,7 +164,7 @@ linux_setcaps(unsigned int caps) {
 	memset(&cap, 0, sizeof(cap));
 	cap.effective = caps;
 	cap.permitted = caps;
-	cap.inheritable = caps;
+	cap.inheritable = 0;
 	if (syscall(SYS_capset, &caphead, &cap) < 0) {
 		isc__strerror(errno, strbuf, sizeof(strbuf));
 		ns_main_earlyfatal("capset failed: %s:"
diff --git a/doc/private/branches b/doc/private/branches
index 94c74fbddd..092178d01b 100644
--- a/doc/private/branches
+++ b/doc/private/branches
@@ -32,8 +32,8 @@ rt13587				review
 rt13606				open	marka	// TSIG SHA256
 rt13662				new	
 rt13694				new	
-rt13707				new	
-rt13714				13714	
+rt13707				closed	
+rt13714				closed	
 rt13753				new	
 rt13754				new	
 rt13771				new