Date: Wed, 8 Feb 2017 17:13:08 -0600 From: ISC Security Officer <security-officer@....org> To: oss-security@...ts.openwall.com Cc: ISC Security Officer <security-officer@....org> Subject: BIND9 CVE-2017-3135: Combination of DNS64 and RPZ Can Lead to Crash Today ISC announced CVE-2017-3135, a denial-of-service vulnerability that can affect resolvers using both DNS64 and RPZ to rewrite responses for the same view. This affects all BIND 9.9 releases since 9.9.3, all BIND 9.10 releases, and all BIND 9.11 releases, including the 9.9.10b1, 9.10.5b1, and 9.11.1b1 releases. Our full CVE text can be found at https://kb.isc.org/article/AA-01453 New releases of BIND, including security fixes for this vulnerability, are available at: www.isc.org/downloads/ Release notes can be obtained using the following links: ftp://ftp.isc.org/isc/bind9/9.9.9-P6/ ftp://ftp.isc.org/isc/bind9/9.10.4-P6/ ftp://ftp.isc.org/isc/bind9/9.11.0-P3/ ftp://ftp.isc.org/isc/bind9/9.9.10rc1/ ftp://ftp.isc.org/isc/bind9/9.10.5rc1/ ftp://ftp.isc.org/isc/bind9/9.11.1rc1/ -- Brian Conry ISC Support Acting Security Officer Download attachment "signature.asc" of type "application/pgp-signature" (456 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ