[dns-operations] BIND vulnerability for recursive servers

Eric Ziegast ziegast at isc.org
Wed Nov 16 18:52:20 UTC 2011

The patch for a vulnerability to BIND recursive servers has been
released.  Authoritative-only servers are not affected.

Site http://www.isc.org/software/bind will be updated with release
info soon.

Here's where you can get downloads now:

If you run a recursive server (especially if it's crashing with assert
errors), look at your current version and upgrade
to the -P1 release above for your version.

I'll get a link to the CVE text out as soon as it's available.

Eric Ziegast

More information about the dns-operations mailing list