Add CHANGES and release notes for [GL #3619]

2025-08-31 06:25:31 +00:00 · 2022-11-14 12:30:49 +00:00
parent ec2098ca35
commit d08a478b42
2 changed files with 11 additions and 1 deletions
--- a/3
+++ b/3
@@ -1,4 +1,5 @@
-6067.	[placeholder]
+6067.	[security]	Fix serve-stale crash when recursive clients soft quota
+			is reached. (CVE-2022-3924) [GL #3619]

 6066.	[security]	Handle RRSIG lookups when serve-stale is active.
 			(CVE-2022-3736) [GL #3622]
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -32,6 +32,15 @@ Security Fixes
  Iratxe Niño from Fundación Sarenet) for bringing this vulnerability to
  our attention. :gl:`#3622`

+- :iscman:`named` running as a resolver with the
+  :any:`stale-answer-client-timeout` option set to any value greater
+  than ``0`` could crash with an assertion failure, when the
+  :any:`recursive-clients` soft quota was reached. This has been fixed.
+  (CVE-2022-3924)
+
+  ISC would like to thank Maksym Odinintsev from AWS for bringing this
+  vulnerability to our attention. :gl:`#3619`
+
 New Features
 ~~~~~~~~~~~~