"Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

Michael McNally mcnally at isc.org
Thu Jan 12 00:01:32 UTC 2017

ISC has issued new security releases of BIND today, correcting
three exploitable vulnerabilities discovered in the course of our
internal fuzz-testing and an additional exploitable vulnerability
reported to us by a contributor.

The issues are:


and details about each can be found in the BIND Security Advisories
section of the ISC Knowledge Base:


New security releases have been issued which correct the vulnerabilities.
These are available via the http://www.isc.org/downloads web page:

   BIND 9.9.9-P5
   BIND 9.10.4-P5
   BIND 9.11.0-P2

We encourage all parties using or distributing BIND to upgrade to these
versions as soon as possible so that they may be protected from the
vulnerabilities now that they have been publicly disclosed.

Michael McNally
ISC Security Officer

More information about the bind-users mailing list