oss-sec mailing list archives
BIND9 CVE-2016-8864: A problem handling responses containing a DNAME,answer can lead to an assertion failure
From: ISC Security Officer <security-officer () isc org>
Date: Tue, 1 Nov 2016 15:06:29 -0500
Please be advised that ISC publicly announced a vulnerability in the BIND 9 software. CVE-2016-8864 is a denial-of-service vector which can potentially be exploited against BIND 9 servers. All versions prior to the current releases are vulnerable. Our full CVE text can be found at https://kb.isc.org/article/AA-01434/0 New releases of BIND, including security fixes for this vulnerability, are available at: www.isc.org/downloads/ Release notes can be obtained using the following links: ftp://ftp.isc.org/isc/bind9/9.9.9-P4/ ftp://ftp.isc.org/isc/bind9/9.10.4-P4/ ftp://ftp.isc.org/isc/bind9/9.11.0-P1/ -- Brian Conry ISC Support Acting Security Officer
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- BIND9 CVE-2016-8864: A problem handling responses containing a DNAME,answer can lead to an assertion failure ISC Security Officer (Nov 01)