[nsp-sec] BIND CVE - preliminary info
Eric Ziegast
ziegast at isc.org
Wed Nov 16 13:39:27 EST 2011
TLP WHITE
The patch for a vulnerability to BIND recursive servers has been
released. Authoritative-only servers are not affected.
Site http://www.isc.org/software/bind will be updated with release
info soon.
Here's where you can get downloads now:
ftp://ftp.isc.org/isc/bind9/9.8.1-P1
ftp://ftp.isc.org/isc/bind9/9.7.4-P1
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5-P1
ftp://ftp.isc.org/isc/bind9/9.4-ESV-R5-P1
If you run a recursive server, look at the current version and upgrade
to the -P1 release above for your version.
I'll get the CVE text out as soon as it's available.
--
Eric Ziegast
More information about the nsp-security
mailing list