<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<meta name="Generator" content="Microsoft Word 15 (filtered medium)">

<style><!--

/* Font Definitions */

@font-face

        {font-family:"Cambria Math";

        panose-1:2 4 5 3 5 4 6 3 2 4;}

@font-face

        {font-family:Calibri;

        panose-1:2 15 5 2 2 2 4 3 2 4;}

@font-face

        {font-family:Aptos;

        panose-1:2 11 0 4 2 2 2 2 2 4;}

@font-face

        {font-family:Monaco;

        panose-1:0 0 0 0 0 0 0 0 0 0;}

@font-face

        {font-family:"Times New Roman \(Body CS\)";

        panose-1:2 11 6 4 2 2 2 2 2 4;}

@font-face

        {font-family:"Helvetica Neue";

        panose-1:2 0 5 3 0 0 0 2 0 4;}

/* Style Definitions */

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0in;

        font-size:12.0pt;

        font-family:"Aptos",sans-serif;}

a:link, span.MsoHyperlink

        {mso-style-priority:99;

        color:blue;

        text-decoration:underline;}

span.EmailStyle19

        {mso-style-type:personal-reply;

        font-family:"Aptos",sans-serif;

        color:windowtext;}

.MsoChpDefault

        {mso-style-type:export-only;

        font-size:10.0pt;

        mso-ligatures:none;}

@page WordSection1

        {size:8.5in 11.0in;

        margin:1.0in 1.0in 1.0in 1.0in;}

div.WordSection1

        {page:WordSection1;}

--></style>

</head>

<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">

<div class="WordSection1">

<p class="MsoNormal"><span style="font-size:11.0pt">We use the COPR to install BIND on our servers, and I wanted to mention that it looks like in both the isc/bind and isc/bind-esv repos, the build of the package “isc-bind-bind” failed for version  9.18.28-1.1

 in (as far as I can tell) only the EPEL 7 repo in Build 7776636.  Could someone look at that?  We’re on RHEL 8 and 9 for our BIND servers and it looks like the EPEL 8 and 9 versions build successfully, but I want to make sure that I’m not missing something.

  Thanks!<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt">Brian<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>

<div>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Monaco;color:black">-- </span><span style="font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:9.0pt;font-family:Monaco;color:black">Brian Sebby (he/him/his)      |  Lead Systems Engineer</span><span style="font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:9.0pt;font-family:Monaco;color:black">Email: <a href="mailto:sebby@anl.gov" title="mailto:sebby@anl.gov"><span style="color:#0563C1">sebby@anl.gov</span></a>          |  Information Technology Infrastructure</span><span style="font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:9.0pt;font-family:Monaco;color:black">Phone: +1 630.252.9935        |  Business Information Services</span><span style="font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>

</div>

<p class="MsoNormal"><span style="font-size:9.0pt;font-family:Monaco;color:black">Cell:  +1 630.921.4305        |  Argonne National Laboratory</span><span style="font-size:11.0pt"><o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>

<div id="mail-editor-reference-message-container">

<div>

<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">

<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span style="color:black">From:

</span></b><span style="color:black">bind-users <bind-users-bounces@lists.isc.org> on behalf of Victoria Risk <vicky@isc.org><br>

<b>Date: </b>Tuesday, July 23, 2024 at 8:32</span><span style="font-family:"Arial",sans-serif;color:black"> </span><span style="color:black">AM<br>

<b>To: </b>bind-announce@lists.isc.org <bind-announce@lists.isc.org>, BIND Users <bind-users@lists.isc.org><br>

<b>Subject: </b>New BIND releases are available: 9.18.28, 9.20.0<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal" style="mso-line-height-alt:.75pt"><span style="font-size:1.0pt;color:white">BIND users- Our July 2024 maintenance release of BIND 9.</span><span style="font-size:1.0pt;font-family:"Arial",sans-serif;color:white"> </span><span style="font-size:1.0pt;color:white">18,

 as well as the new 9.</span><span style="font-size:1.0pt;font-family:"Arial",sans-serif;color:white"> </span><span style="font-size:1.0pt;color:white">20.</span><span style="font-size:1.0pt;font-family:"Arial",sans-serif;color:white"> </span><span style="font-size:1.0pt;color:white">0

stable branch, are available and can be downloaded from the ISC software download page, https:<span style="font-size:1.0pt;font-family:"Arial",sans-serif;color:white"> <span style="font-size:1.0pt;color:white">//www.<span style="font-size:1.0pt;font-family:"Arial",sans-serif;color:white"> <span style="font-size:1.0pt;color:white">isc.<span style="font-size:1.0pt;font-family:"Arial",sans-serif;color:white"> <span style="font-size:1.0pt;color:white">org/download.

 In addition to bug fixes and feature <o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal" style="mso-line-height-alt:.75pt"><span style="font-size:1.0pt;color:white">ZjQcmQRYFpfptBannerStart<o:p></o:p></span></p>

</div>

<div style="border:none;border-top:solid #90A4AE 3.0pt;padding:0in 0in 0in 0in;display:block!important;text-align:left!important;margin:0px!important;padding:16px!important;border-radius:4px!important;min-width:200px!important;background-color:#D0D8DC!important;border-top:#90a4ae!important" id="pfptBannerw9c9wjk">

<div id="pfptBannerw9c9wjk">

<div id="pfptBannerw9c9wjk">

<p class="MsoNormal" style="line-height:13.5pt;background:#D0D8DC"><b><span style="font-family:"Arial",sans-serif;color:black">This Message Is From an External Sender

<o:p></o:p></span></b></p>

</div>

<div id="pfptBannerw9c9wjk">

<p class="MsoNormal" style="line-height:13.5pt;background:#D0D8DC"><span style="font-family:"Arial",sans-serif;color:black">This message came from outside your organization.

<o:p></o:p></span></p>

</div>

</div>

<div>

<p class="MsoNormal" style="background:#D0D8DC"><span style="color:black"> </span><o:p></o:p></p>

</div>

</div>

<div>

<p class="MsoNormal" style="mso-line-height-alt:.75pt"><span style="font-size:1.0pt;color:white">ZjQcmQRYFpfptBannerEnd<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal">BIND users-<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">Our July 2024 maintenance release of BIND 9.18, as well as the new 9.20.0 stable branch, are available and can be downloaded from the ISC software download page,

<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.isc.org_download&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=bzNtaRi91LT7NGxvLacOsRR1G9KN3r-0KTyCGEZg7W4&e=">

https://www.isc.org/download</a>.<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">In addition to bug fixes and feature improvements, these releases also contain fixes for security vulnerabilities (CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, CVE-2024-4076), about which more information is provided in the following Security

 Advisories:<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">    <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__kb.isc.org_docs_cve-2D2024-2D0760&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=hf52gj9SjjbMh_N66diWqdZFByhr_hEy_DLLM6useU4&e=">

https://kb.isc.org/docs/cve-2024-0760</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">    <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__kb.isc.org_docs_cve-2D2024-2D1737&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=QZWuJmSD9PaIQPEorLqEbgQF-tj3T27lRz28IBul8Gc&e=">

https://kb.isc.org/docs/cve-2024-1737</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">    <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__kb.isc.org_docs_cve-2D2024-2D1975&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=3rxkgsPWVjucjy0uQLiFWNSKqV579E-ri6R2zGqDFw8&e=">

https://kb.isc.org/docs/cve-2024-1975</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">    <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__kb.isc.org_docs_cve-2D2024-2D4076&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=z2wPjQ7Pj0Dh9Bc02avjPawaCkKA3fdgEZ2ztpWVH3Y&e=">

https://kb.isc.org/docs/cve-2024-4076</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">A summary of significant changes in the new releases can be found in their release notes:<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">  - Current supported stable branches:<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">    9.18.28 - <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__downloads.isc.org_isc_bind9_9.18.28_doc_arm_html_notes.html&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=eL3vtH4F4vRw0n1gERxG-YbNvYiZUwcADdS64amUM94&e=">

https://downloads.isc.org/isc/bind9/9.18.28/doc/arm/html/notes.html</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">    9.20.0  - <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__downloads.isc.org_isc_bind9_9.20.0_doc_arm_html_notes.html&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=jByNiOTuwi2CKgchg6VaHFIewzRSMvAtPq-UNd3NZ04&e=">

https://downloads.isc.org/isc/bind9/9.20.0/doc/arm/html/notes.html</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">We also have a nice blog post from Ondřej Surý on the 9.20.0 release, including performance testing results (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.isc.org_blogs_2024-2Dbind920_&d=DwMFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=UUKshb2znNU4e4TPM0Yd2ufCIHmbyXxSKZu0ptJ8B3c&e=">https://www.isc.org/blogs/2024-bind920/</a>).<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">---<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">Please Note:<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p style="margin:0in;font-variant-caps:normal;font-stretch:normal;font-size-adjust:none;font-kerning:auto;font-variant-alternates:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-east-asian:normal;font-feature-settings:normal">

<span style="font-family:"Helvetica Neue"">To create an effective mitigation for CVE-2024-1737 we have introduced two new configurable limits that prevent the loading (into zones or into cache) of DNS resource records (RRs) that exceed them. We therefore recommend

 reading this KB article,<o:p></o:p></span></p>

<p style="margin:0in;font-variant-caps:normal;font-stretch:normal;font-size-adjust:none;font-kerning:auto;font-variant-alternates:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-east-asian:normal;font-feature-settings:normal">

<span style="font-family:"Helvetica Neue""><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__kb.isc.org_docs_rrset-2Dlimits-2Din-2Dzones&d=DwMFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=rubfa9plpqTW7oAHrRfURnVqh28DVS8RP5L2EVg6QOM&e=">https://kb.isc.org/docs/rrset-limits-in-zones</a>,

 in case you need to change the defaults to suit your specific operational environment.<o:p></o:p></span></p>

<p style="margin:0in;font-variant-caps:normal;font-stretch:normal;font-size-adjust:none;font-kerning:auto;font-variant-alternates:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-east-asian:normal;font-feature-settings:normal">

<span style="font-size:10.0pt;font-family:"Helvetica Neue""><o:p> </o:p></span></p>

</div>

<div>

<p class="MsoNormal">We recommend that users planning to upgrade from the EOL 9.16 branch read the following document first:<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">    <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__kb.isc.org_docs_changes-2Dto-2Dbe-2Daware-2Dof-2Dwhen-2Dmoving-2Dfrom-2Dbind-2D916-2Dto-2D918&d=DwQFaQ&c=VNwPUykuud53CG9rFjagOIJ6-Rup94jYcsvLgLkfjkk&r=jaYfnGHWNQHXZDHWVerNDw&m=enZ9AiHfKVqcG4gKXlgwWb68BKijXJQ5qOejq2wTquhkSEG-taOVu6pEsM7QCg7z&s=Psq-P97iXxQ-QTSJn9CnBrGXnKQHNDH1RNhFd0RAJrI&e=">

https://kb.isc.org/docs/changes-to-be-aware-of-when-moving-from-bind-916-to-918</a><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

</div>

</div>

</div>

</body>

</html>