[dns-operations] Please upgrade BIND for CVE-2015-5477 immediately if you haven't done so

Mukund Sivaraman muks at isc.org
Sun Aug 2 07:01:52 UTC 2015

Hi all

If you run BIND, please upgrade it to address CVE-2015-5477 (TKEY query
handling vulnerability) immediately if you have not already done so.

You can find instructions here:

Please contact your OS vendor or BIND package vendor if you don't have a
fix. Updated packages ought to be available by now in popular OS
distributions. Alternately, you can email ISC for a patch.

An exploit was released publicly (and very unwisely) by an unrelated
party. There's reason to believe that this is actively being used now.
Please upgrade.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150802/f9aaed7e/attachment.sig>

More information about the dns-operations mailing list