Add CHANGES and release note for GL #1996

2025-08-29 13:38:26 +00:00 · 2020-07-31 09:39:46 +02:00 · 2020-07-31 09:39:46 +02:00 · f2b41e11b4
commit f2b41e11b4
parent 38264b6a4d
2 changed files with 8 additions and 2 deletions
--- a/4
+++ b/4
@ -18,7 +18,9 @@

 5479.	[placeholder]

-5478.	[placeholder]
+5478.	[security]	It was possible to trigger an assertion failure by
+			sending a specially crafted large TCP DNS message.
+			(CVE-2020-8620) [GL #1996]

 5477.	[bug]		The idle timeout for connected TCP sockets is now
 			derived from the client query processing timeout
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@ -14,7 +14,11 @@ Notes for BIND 9.17.4
 Security Fixes
 ~~~~~~~~~~~~~~

- None.
+- It was possible to trigger an assertion failure by sending a specially
+  crafted large TCP DNS message. This was disclosed in CVE-2020-8620.
+
+  ISC would like to thank Emanuel Almeida of Cisco Systems, Inc. for
+  bringing this vulnerability to our attention. [GL #1996]

 Known Issues
 ~~~~~~~~~~~~