add CVE-2017-3136 note

(cherry picked from commit d77eadc261)
2017-02-15 12:44:12 +11:00
parent 93fe666d15
commit 52e42f648b
1 changed files with 7 additions and 0 deletions
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -71,6 +71,13 @@

  <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
    <itemizedlist>
+      <listitem>
+	<para>
+	  <command>dns64</command> with <command>break-dnssec yes;</command>
+	  can result in an assertion failure. This flaw is disclosed in
+	  CVE-2017-3136.[RT #44653]
+	</para>
+      </listitem>
      <listitem>
 	<para>
 	  If a server is configured with a response policy zone (RPZ)