From 51546e88920829d9da74bff378eb88ac897f807e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Fri, 25 Feb 2022 15:14:23 +0100 Subject: [PATCH] Add Release Note for [GL #2950] --- doc/notes/notes-current.rst | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index a66b6eb57d..0b45bfb281 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -15,7 +15,14 @@ Notes for BIND 9.17.23 Security Fixes ~~~~~~~~~~~~~~ -- None. +- The rules for acceptance of records into the cache have been tightened + to prevent the possibility of poisoning if forwarders send records + outside the configured bailiwick. (CVE-2021-25220) + + ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from + Network and Information Security Lab, Tsinghua University, and + Changgen Zou from Qi An Xin Group Corp. for bringing this + vulnerability to our attention. :gl:`#2950` Known Issues ~~~~~~~~~~~~