Add CHANGES and release notes for [GL #4124]

2023-08-14 11:20:41 +02:00
parent b22c87ca61
commit 57c8bdaff5
2 changed files with 11 additions and 0 deletions
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -37,6 +37,14 @@ Bug Fixes

 - None.

+- The value of If-Modified-Since header in statistics channel was not checked
+  for length leading to possible buffer overflow by an authorized user.  We
+  would like to emphasize that statistics channel must be properly setup to
+  allow access only from authorized users of the system. :gl:`#4124`
+
+  This was reported independently by Eric Sesterhenn of X41 D-SEC and Cameron
+  Whitehead.
+
 Known Issues
 ~~~~~~~~~~~~