From 55d7ef3e9df01a483a421f96cfcbd42737df28bb Mon Sep 17 00:00:00 2001
From: LaMont Jones <lamont@debian.org>
Date: Fri, 26 Nov 2010 06:00:01 -0700
Subject: 9.7.2-P3

---
 CHANGES | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

(limited to 'CHANGES')

diff --git a/CHANGES b/CHANGES
index b7bedb8d..18de07d0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,36 @@
+
+	--- 9.7.2-P3 released ---
+
+2972.	[bug]		win32: address windows socket errors. [RT #21906]
+
+2971.	[bug]		Fixed a bug that caused journal files not to be
+			compacted on Windows systems as a result of
+			non-POSIX-compliant rename() semantics. [RT #22434]
+
+2970.	[security]	Adding a NO DATA negative cache entry failed to clear
+			any matching RRSIG records.  A subsequent lookup of
+			of NO DATA cache entry could trigger a INSIST when the
+			unexpected RRSIG was also returned with the NO DATA
+			cache entry.
+
+			CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C)
+			CVE-2010-3613, VU#706148. [RT #22288]
+
+2969.	[security]	Fix acl type processing so that allow-query works
+			in options and view statements.  Also add a new
+			set of tests to verify proper functioning.
+
+			CVSS: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:O/RC:C)
+			CVE-2010-3615, VU#510208. [RT #22418]
+
+2968.	[security]	Named could fail to prove a data set was insecure
+			before marking it as insecure.  One set of conditions
+			that can trigger this occurs naturally when rolling
+			DNSKEY algorithms.
+
+			CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N/E:P/RL:O/RC:C)
+			CVE-2010-3614, VU#837744. [RT #22309]
+
 	--- 9.7.2-P2 released ---
 
 2963.	[security]	The allow-query acl was being applied instead of the
-- 
cgit v1.2.3