BIND 9.8.0-P1 is now available for download
larissas at isc.org
Fri May 6 00:05:59 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
BIND 9.8.0-P1 is now available for download.
This release fixes one security related issue. The full up to date
advisory regarding this issue is available at:
https://www.isc.org/CVE-2011-1907. A text version of the advisory will
be provided for ease of use, but this advisory may be updated. The url
will have the up to date version.
This release, and its OpenPGP-signatures are available now from:
ISC's Release Signing Key can be obtained at:
BIND 9.8.0-P1 Release Notes:
BIND 9.8.0-P1 is security patch for BIND 9.8.0.
Please see the CHANGES file in the source code release for a complete
list of all changes.
The latest development versions of BIND 9 software can always be found
on our web site at http://www.isc.org/downloads/development. There you
will find additional information about each release, source code, and
some pre-compiled versions for certain operating systems.
Product support information is available on
http://www.isc.org/services/support for paid support options. Free
support is provided by our user community via a mailing list.
Information on all public email lists is available at
* BIND 9.8.0 introduced Response Policy Zones (RPZ), a mechanism for
modifying DNS responses returned by a recursive server according to
a set of rules which are either defined locally or imported from a
In typical configurations, RPZ is used to force negative (NXDOMAIN)
responses for untrusted names. However, it can also be used to
replace the answer for a given query, returning a positive response
defined by local policy.
In BIND 9.8.0, when an RPZ was configured to replace the answer
RRset for a given name, a query of type RRSIG for that name could
trigger an assertion failure and cause the name server process to
exit. [RT #24280] [CVE-2011-1907]
Known issues in this release
Thank you to everyone who assisted us in making this release possible.
If you would like to contribute to ISC to assist us in continuing to
make quality open source software, please visit our donations page at
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the bind-users