Add Release Note for [GL #2950]

2022-02-25 15:14:23 +01:00
parent 612f277877
commit 51546e8892
1 changed files with 8 additions and 1 deletions
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -15,7 +15,14 @@ Notes for BIND 9.17.23
 Security Fixes
 ~~~~~~~~~~~~~~

- None.
+- The rules for acceptance of records into the cache have been tightened
+  to prevent the possibility of poisoning if forwarders send records
+  outside the configured bailiwick. (CVE-2021-25220)
+
+  ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from
+  Network and Information Security Lab, Tsinghua University, and
+  Changgen Zou from Qi An Xin Group Corp. for bringing this
+  vulnerability to our attention. :gl:`#2950`

 Known Issues
 ~~~~~~~~~~~~