"Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.
Michael McNally
mcnally at isc.org
Thu Jan 12 00:01:32 UTC 2017
ISC has issued new security releases of BIND today, correcting
three exploitable vulnerabilities discovered in the course of our
internal fuzz-testing and an additional exploitable vulnerability
reported to us by a contributor.
The issues are:
CVE-2016-9131
CVE-2016-9147
CVE-2016-9444
CVE-2016-9778
and details about each can be found in the BIND Security Advisories
section of the ISC Knowledge Base:
https://kb.isc.org/category/74/0/10/Software-Products/BIND9/Security-Advisories/
New security releases have been issued which correct the vulnerabilities.
These are available via the http://www.isc.org/downloads web page:
BIND 9.9.9-P5
BIND 9.10.4-P5
BIND 9.11.0-P2
We encourage all parties using or distributing BIND to upgrade to these
versions as soon as possible so that they may be protected from the
vulnerabilities now that they have been publicly disclosed.
Michael McNally
ISC Security Officer
More information about the bind-users
mailing list