Add fixes suggested by @habbie.

diff --git a/pdns/recursordist/docs/changelog/4.1.rst b/pdns/recursordist/docs/changelog/4.1.rst
index 2b3d9d100f37cd93007239ddf0a29fd6ea226ac5..1e06f02fc11372cad064c0a17ca8c91750ede118 100644 (file)
--- a/pdns/recursordist/docs/changelog/4.1.rst
+++ b/pdns/recursordist/docs/changelog/4.1.rst
@@ -11,7 +11,7 @@ Changelogs for 4.1.x
 
   The full release notes can be read `on the blog <https://blog.powerdns.com/2018/01/22/powerdns-recursor-4-1-1/>`_.
 
-  This is a release on the stable branch and contains a fix for the
+  This is a release on the stable branch, containing a fix for the
   abovementioned security issue and several bug fixes from the
   development branch.
 

diff --git a/pdns/recursordist/docs/security-advisories/powerdns-advisory-2018-01.rst b/pdns/recursordist/docs/security-advisories/powerdns-advisory-2018-01.rst
index d7de6b4b6a9e7197a0d87a5393501a2e667efc09..838ca3f7060f316607c67d8e40418261bcd5abe8 100644 (file)
--- a/pdns/recursordist/docs/security-advisories/powerdns-advisory-2018-01.rst
+++ b/pdns/recursordist/docs/security-advisories/powerdns-advisory-2018-01.rst
@@ -17,7 +17,7 @@ An issue has been found in the DNSSEC validation component of PowerDNS Recursor,
 allowing an ancestor delegation NSEC or NSEC3 record to be used to wrongfully
 prove the non-existence of a RR below the owner name of that record. This would
 allow an attacker in position of man-in-the-middle to send a NXDOMAIN answer
-for a name that does exist. This issue has been assigned TBD.
+for a name that does exist. This issue has been assigned CVE-2018-1000003.
 
 PowerDNS Recursor 4.1.0 is affected.
 
@@ -25,4 +25,4 @@ For those unable to upgrade to a new version, a minimal patch is
 `available <https://downloads.powerdns.com/patches/2018-01>`__
 
 We would like to thank CZ.NIC for finding and subsequently reporting this
-issue.
+issue! Please also see https://lists.nic.cz/pipermail/knot-dns-users/2018-January/001309.html