Does the CVE-2011-1910 vulnerability affect the BIND 9.7.0-P2?

Chris Thompson cet1 at
Fri Jun 10 11:45:52 UTC 2011

On Jun 10 2011, Mark Andrews wrote:

>In message <201106100709.QAA04566 at>, YABUKI Youichi writes:
>> The BIND security advisory for CVE-2011-1910 does not mention
>> about versions 9.7.0, 9.7.0-P1 and 9.7.0-P2.
>> Does the CVE-2011-1910 vulnerability affect these versions?
>No, they are not affected.

Then the advice I got from someone else at ISC, that if 

  if (r.length < 2)
       return (ISC_R_NOSPACE);

occurs c. line 188 in lib/dns/ncache.c (as opposed to "r.length < 3"),
then the version is vulnerable, was not complete? Because the 9.7.0*
versions certainly have that code.

Chris Thompson
Email: cet1 at

More information about the bind-users mailing list