diff --git a/CHANGES b/CHANGES
index 9ae00a770f..e9b33fd19b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+2305. [security] inet_network() buffer overflow. CVE-2008-0122.
+
 2304. [bug] Check returns from all dns_rdata_tostruct() calls.
 [RT #17460]
 
diff --git a/lib/bind/inet/inet_network.c b/lib/bind/inet/inet_network.c
index 4758a00f26..47976cff68 100644
--- a/lib/bind/inet/inet_network.c
+++ b/lib/bind/inet/inet_network.c
@@ -84,9 +84,9 @@ again:
 }
 if (!digit)
 return (INADDR_NONE);
+ if (pp >= parts + 4 || val > 0xffU)
+ return (INADDR_NONE);
 if (*cp == '.') {
- if (pp >= parts + 4 || val > 0xffU)
- return (INADDR_NONE);
 *pp++ = val, cp++;
 goto again;
 }
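Review bot: The relocated guard `if (pp >= parts + 4 || val > 0xffU)` in the inet_network.c hunk now carries the whole bounds guarantee for `parts`, yet nothing in the code says so, and a later cleanup could fold it back into the `if (*cp == '.')` branch. A comment directly above it, such as `/* Must run for every component, including the last: pp is advanced again after this block. */`, would pin the intent; the function body starts and ends outside the hunk, so confirm that wording against the store that follows the block. The literal `4` presumably mirrors the declared size of `parts`, which is also not visible here; deriving the limit from the array, `parts + sizeof(parts) / sizeof(parts[0])`, would keep the two from drifting apart. Moving the check also makes `val > 0xffU` apply to the final component, which looks like a tightening of accepted input that the CHANGES entry does not mention.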