ISC BIND 9.4.3-P4 is now available

Evan Hunt each at isc.org
Tue Nov 24 15:23:14 UTC 2009


	             BIND 9.4.3-P4 is now available.

BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3.  It addresses a
potential cache poisoning vulnerability, in which data in the additional
section of a response could be cached without proper DNSSEC validation.

        Bugs should be reported to bind9-bugs at isc.org.

BIND 9.4.3-P4 can be downloaded from:

	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz

PGP signatures of the distribution are at:

	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz.sha256.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz.sha512.asc

The signatures were generated with the ISC public key, which is
available at https://www.isc.org/about/openpgp

A binary kit for Windows XP, Windows 2003 and Windows 2008 is at:

	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.zip
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.debug.zip

PGP signatures of the binary kit are at:
	
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.zip.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.zip.sha256.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.zip.sha512.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.debug.zip.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.debug.zip.sha256.asc
	ftp://ftp.isc.org/isc/bind9/9.4.3-P4/BIND9.4.3-P4.debug.zip.sha512.asc

Changes since 9.4.3-P3:

2772.	[security]	When validating, track whether pending data was from
			the additional section or not and only return it if
			validates as secure. [RT #20438]


-- 
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.




More information about the bind-announce mailing list