From da23a0c4e12c7d68ea9ca2b65b35c81ff9a6bb31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Mon, 10 Feb 2025 18:33:11 +0100 Subject: [PATCH] Update CVE checklist --- .gitlab/issue_templates/Internal_use_only-CVE.md | 6 ++++-- doc/notes/notes-9.21.5.rst | 10 +++------- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/.gitlab/issue_templates/Internal_use_only-CVE.md b/.gitlab/issue_templates/Internal_use_only-CVE.md index d4a7960c93..5b9194ed17 100644 --- a/.gitlab/issue_templates/Internal_use_only-CVE.md +++ b/.gitlab/issue_templates/Internal_use_only-CVE.md @@ -70,7 +70,8 @@ confidential! - [ ] [:link:][step_clearance] **(IM)** Grant QA & Marketing clearance to proceed with public release - [ ] [:link:][step_matrix] **(Support)** (BIND 9 only) Add the new CVEs to the vulnerability matrix in the Knowledge Base - - [ ] [:link:][step_publish_advisory] **(Support)** Bump Document Version for the Security Advisory and publish it in the Knowledge Base + - [ ] [:link:][step_bump_advisory] **(Support)** Bump Document Version for the Security Advisory in Printing Press + - [ ] [:link:][step_publish_advisory] **(Support)** Publish the Security Advisory in the Knowledge Base - [ ] [:link:][step_publish] **(QA/Marketing)** Publish the releases (as outlined in the release checklist) - [ ] [:link:][step_notifications] **(First IM)** Send notification emails to third parties - [ ] [:link:][step_mitre] **(First IM)** Advise MITRE about the disclosed CVEs @@ -114,7 +115,8 @@ confidential! [step_packager_emails]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#send-notifications-to-os-packagers [step_clearance]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#grant-qa-marketing-clearance-to-proceed-with-public-release [step_matrix]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#bind-9-only-add-the-new-cves-to-the-vulnerability-matrix-in-the-knowledge-base -[step_publish_advisory]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#bump-document-version-for-the-security-advisory-and-publish-it-in-the-knowledge-base +[step_bump_advisory]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#bump-document-version-for-the-security-advisory-in-printing-press +[step_publish_advisory]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#publish-the-security-advisory-in-the-knowledge-base [step_publish]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#publish-the-releases-as-outlined-in-the-release-checklist [step_notifications]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#send-notification-emails-to-third-parties [step_mitre]: https://gitlab.isc.org/isc-private/isc-wiki/-/wikis/Security-Incident-Handling-Checklist-Explanations#advise-mitre-about-the-disclosed-cves diff --git a/doc/notes/notes-9.21.5.rst b/doc/notes/notes-9.21.5.rst index 77b3c35684..bae889f17d 100644 --- a/doc/notes/notes-9.21.5.rst +++ b/doc/notes/notes-9.21.5.rst @@ -93,12 +93,8 @@ Bug Fixes cache database performance for any heavily contended database nodes. :gl:`#5130` -- Fix EDE 22 timeout detection - - Previously, Extended DNS Error 22 (No Reachable Authority) was detected - when `fctx_expired` fired; a resolver would return `SERVFAIL` without - `EDE 22` enabled. Since this function is used as a - "safety net," the timeout detection should be caught earlier. This is now fixed. - :gl:`#5137` +- Fix reporting of Extended DNS Error 22 (No Reachable Authority). + This error code was previously not reported in some applicable + situations. This has been fixed. :gl:`#5137`