From 175e4e963b5cc15072d07d734f73468f210b401b Mon Sep 17 00:00:00 2001
From: Matthijs Mekking <matthijs@isc.org>
Date: Mon, 5 Sep 2022 11:34:57 +0200
Subject: [PATCH] Add release notes for #3517

(cherry picked from commit 97c6c3712eeb9e8d6463749a1f70350e68b7b1b3)
---
 doc/notes/notes-current.rst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 34bddc1bc5..71c725493a 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -33,6 +33,12 @@ Security Fixes
   could be externally triggered, when using TKEY records in DH mode with
   OpenSSL 3.0.0 and later versions. (CVE-2022-2906) :gl:`#3491`
 
+- :iscman:`named` running as a resolver with the
+  :any:`stale-answer-client-timeout` option set to ``0`` could crash
+  with an assertion failure, when there was a stale CNAME in the cache
+  for the incoming query. This has been fixed. (CVE-2022-3080)
+  :gl:`#3517`
+
 Known Issues
 ~~~~~~~~~~~~