Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 19 Jun 2019 17:13:38 -0800
From: Michael McNally <>
Subject: ISC disclosed BIND vulnerability CVE-2019-6471.

Today ISC disclosed a vulnerability in our BIND software.

Information about the vulnerability can be found in the ISC Knowledge

   CVE-2019-6471:  A race condition when discarding malformed
   packets can cause BIND to exit with an assertion failure

New maintenance releases of BIND released today contain the fix
for the vulnerability along with other bug fixes and feature
improvements.  They may be downloaded from the ISC web site's
download page (

   -  9.11.8
   -  9.12.4-P2
   -  9.14.3
   -  9.15.1

With the public disclosure of these vulnerabilities, parties which
had been given advance notice concerning them are released from
non-disclosure and packagers and redistributors are encouraged to
publish updated packages containing fixes.

If you have additional questions, please direct them to

Thank you,

Michael McNally
ISC Security Officer

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.