Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 27 Sep 2016 12:38:33 -0500
From: ISC Security Officer <security-officer@....org>
To: oss-security@...ts.openwall.com
Cc: ISC Security Officer <security-officer@....org>
Subject: BIND9 CVE-2016-2776: Assertion Failure in buffer.c While Building
 Responses to a Specifically Constructed Request

Please be advised that ISC publicly announced a vulnerability in the
BIND 9 software.

CVE-2016-2776 is a denial-of-service vector which can potentially be
exploited against BIND 9 servers.  All versions prior to the current
releases are vulnerable.

Our full CVE text can be found at https://kb.isc.org/article/AA-01419/0

New releases of BIND, including security fixes for this vulnerability,
are available at: www.isc.org/downloads/

Release notes can be obtained using the following links:

ftp://ftp.isc.org/isc/bind9/9.9.9-P3/
ftp://ftp.isc.org/isc/bind9/9.10.4-P3/
ftp://ftp.isc.org/isc/bind9/9.11.0rc3/

-- 
Brian Conry
ISC Support
Acting Security Officer




[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ