Red Hat BIND Security Advisory CVE-2018-5742

Cathy Almond cathya at isc.org
Wed Dec 19 16:27:22 UTC 2018


https://access.redhat.com/security/cve/cve-2018-5742

FYI and just to clarify, Red Hat Security Advisory CVE-2018-5742 does
not exist in any version of BIND available directly from ISC; it is
present solely in the version(s) identified by Red Hat in their own
distribution(s).

The problem was accidentally introduced during a backport of the NTA
(Negative Trust Anchor) feature from ISC BIND 9.11.

Both Red Hat and CentOS have BIND distributions that are affected.

The associated defect reports can be found here:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-5742

https://bugs.centos.org/view.php?id=15528

For anyone who would like to take this opportunity to migrate to a
supported ISC version of BIND, please see our downloads page:

https://www.isc.org/downloads/

We realise that for many, access to packaged versions of BIND 9 is the
reason that they chose to run the version of BIND offered by their OS
platform rather than building their own.  You might be interested to
hear that we're working on providing packaged builds of ISC BIND for
some platforms.  Details here:

https://www.isc.org/blogs/bind-9-packages/

For a comparison of feature availability in different versions of BIND
from ISC, see:

https://kb.isc.org/docs/aa-01310

(Please also note that BIND 9.9 and 9.10 from ISC are now EOL).

Cathy Almond
ISC Support


More information about the bind-users mailing list