Date: Tue, 27 Sep 2016 12:38:33 -0500 From: ISC Security Officer <security-officer@....org> To: oss-security@...ts.openwall.com Cc: ISC Security Officer <security-officer@....org> Subject: BIND9 CVE-2016-2776: Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request Please be advised that ISC publicly announced a vulnerability in the BIND 9 software. CVE-2016-2776 is a denial-of-service vector which can potentially be exploited against BIND 9 servers. All versions prior to the current releases are vulnerable. Our full CVE text can be found at https://kb.isc.org/article/AA-01419/0 New releases of BIND, including security fixes for this vulnerability, are available at: www.isc.org/downloads/ Release notes can be obtained using the following links: ftp://ftp.isc.org/isc/bind9/9.9.9-P3/ ftp://ftp.isc.org/isc/bind9/9.10.4-P3/ ftp://ftp.isc.org/isc/bind9/9.11.0rc3/ -- Brian Conry ISC Support Acting Security Officer [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ