BIND 4.9.11 Release
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Sun Nov 17 05:55:53 UTC 2002
BIND 4.9.11 Release
BIND 4.9.11 is security release of BIND 4. BIND 8.3.4 and BIND 8.2.7 are
being released simultaneously.
The recommended version to use is BIND 9.2.1. If for whatever reason you
must run BIND 8, use nothing earlier than 8.2.7-REL, 8.3.7-REL. Do not
under any circumstances run BIND 4. There are unfixed security issues
in this release.
This release in intended for vendors still shipping BIND 4 based resolver
libraries.
Highlights vs. 4.9.10
Security Fix
Highlights vs. 4.9.9
Security Fix libresolv.
All applications linked against libresolv need to relinked.
the distribution file is:
ftp://ftp.isc.org/isc/bind/src/4.9.11/bind-4.9.11-REL.tar.gz
the pgp signature file is:
ftp://ftp.isc.org/isc/bind/src/4.9.11/bind-4.9.11-REL.tar.gz.asc
the md5 checksums are:
MD5 (bind-4.9.11-REL.tar.gz) = f2d5b1ef9c14233fbf8256908d1bbc68
MD5 (bind-4.9.11-REL.tar.gz.asc) = 5cb6747022e4897ae0034b29160dfc4a
top of CHANGES says:
--- 4.9.11-REL released ---
826. [bug] the buffer used to construct the -ve record was not
big enough for all possible SOA records. use pointer
arithmetic to calculate the remaining size in this
buffer.
825. [bug] use serial space arithmetic to determine if a SIG is
too old, in the future or has internally constistant
times.
824. [bug] write buffer overflow in make_rr().
823. [bug] getnetbyname() was broken.
822. [bug] write buffer overflows in getnetby{name,addr}().
--- 4.9.10-REL released ---
More information about the bind-announce
mailing list