Add release note for [GL #4152]

2025-08-30 22:15:20 +00:00 · 2023-06-20 15:38:40 +10:00
parent 6af8d39ea2
commit ecd77e610b
1 changed files with 7 additions and 1 deletions
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -15,7 +15,13 @@ Notes for BIND 9.19.17
 Security Fixes
 ~~~~~~~~~~~~~~

- None.
+- Previously, sending a specially crafted message over the control
+  channel could cause the packet-parsing code to run out of available
+  stack memory, causing :iscman:`named` to terminate unexpectedly.
+  This has been fixed. (CVE-2023-3341)
+
+  ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for
+  bringing this vulnerability to our attention. :gl:`#4152`

 New Features
 ~~~~~~~~~~~~