[dns-operations] Please upgrade BIND for CVE-2015-5477 immediately if you haven't done so
Mukund Sivaraman
muks at isc.org
Sun Aug 2 07:01:52 UTC 2015
Hi all
If you run BIND, please upgrade it to address CVE-2015-5477 (TKEY query
handling vulnerability) immediately if you have not already done so.
You can find instructions here:
https://kb.isc.org/article/AA-01272
Please contact your OS vendor or BIND package vendor if you don't have a
fix. Updated packages ought to be available by now in popular OS
distributions. Alternately, you can email ISC for a patch.
An exploit was released publicly (and very unwisely) by an unrelated
party. There's reason to believe that this is actively being used now.
Please upgrade.
Mukund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150802/f9aaed7e/attachment.sig>
More information about the dns-operations
mailing list