New releases of BIND are available: 9.11.19, 9.14.12, and 9.16.3
Michael McNally
mcnally at isc.org
Tue May 19 09:00:31 UTC 2020

Three new releases of BIND are available for download from
https://www.isc.org/downloads

BIND 9.11.19 and BIND 9.16.3 are the May 2020 releases of the two
currently supported stable branches of BIND. In addition to
bug fixes and feature improvements, these releases also contain
security fixes for two "high" severity security vulnerabilities:

   CVE-2020-8616: BIND does not sufficiently limit the number
   of fetches performed when processing referrals

   CVE-2020-8617: A logic error in code which checks TSIG
   validity can be used to trigger an assertion failure in tsig.c

BIND 9.14.12 is the final planned release in the now End-of-Life (EOL)
9.14 branch. It contains only the fixes for the two security
vulnerabilities and is the last 9.14 release that we intend to release.
If you are running 9.14 please use the time provided to plan your
migration to a currently supported release branch.

Release notes for the individual releases can be found at:

   9.11.19: https://downloads.isc.org/isc/bind9/9.11.19/RELEASE-NOTES-bind-9.11.19.html
   9.14.12: https://downloads.isc.org/isc/bind9/9.14.12/RELEASE-NOTES-bind-9.14.12.html
   9.16.3: https://downloads.isc.org/isc/bind9/9.16.3/RELEASE-NOTES-bind-9.16.3.html

ISC have also released patch diffs for the two security vulnerabilities,
for those who wish to selectively patch the two CVE issues without
adopting all of the other changes that are in the latest maintenance
releases.

Patch diffs can be found in:

   9.11 branch: https://downloads.isc.org/isc/bind9/9.11.19/patches
   9.14 branch: https://downloads.isc.org/isc/bind9/9.14.12/patches
   9.16 branch: https://downloads.isc.org/isc/bind9/9.16.3/patches