Pre-announcement of two BIND security issues scheduled for disclosure 19 May 2020
ISC Security Officer
security-officer at isc.org
Thu May 14 08:15:36 UTC 2020
After observing the use of this practice by some other open-source projects,
we here at ISC have decided to amend our security policy to allow, at our
discretion, limited pre-announcement of pending security vulnerability
disclosures.
This is our first experiment with the new practice and by making this
pre-announcement we wish to inform the BIND user community that the
maintenance releases scheduled for Tuesday, May 19th, 2020 will contain
security fixes for two separate (unrelated) security vulnerabilities.
Further details about the vulnerabilities will be publicly disclosed
at the time the releases are published next Tuesday. It is our hope that
this pre-announcement will aid BIND operators in planning to respond to
that disclosure when it occurs.
Michael McNally
ISC Security Officer
P.S.: if you have feedback or questions concerning this new policy,
kindly direct them to security-officer at isc.org
More information about the bind-announce
mailing list