CERT mailing list archives

Current Activity - Internet System Consortium releases BIND Patches

From: Current Activity <us-cert () us-cert gov>
Date: Tue, 5 Jul 2011 14:17:59 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Internet System Consortium releases BIND Patches

Original release date: July 5, 2011 at 2:11 pm
Last revised: July 5, 2011 at 2:11 pm


The Internet System Consortium has released updates for BIND to
address multiple vulnerabilities. CVE-2011-2464 affects the
following versions: 9.6.3; 9.6-ESV-R4 and later; 9.7.0 and later;
9.7.1 and later; 9.7.2 and later; 9.7.3 and later; 9.7.4b1; 9.8.0 and
later; and 9.8.1b1. CVE-2011-2465 affects the following versions:
9.8.0 and later, and 9.8.1b1. Exploitation of these vulnerabilities
may allow an attacker to cause a denial-of-service condition.
Additional information regarding these vulnerabilities can be found in
US-CERT Vulnerability Notes VU#142646 and VU#137968.

US-CERT encourages users and administrators to review CVE-2011-2464
and CVE-2011-2465 and apply the respective patches to help mitigate
the risks. Since BIND is often packaged in larger third-party
applications or operating system distributions, users and
administrators should check with their software vendors for updated
versions.

Relevant Url(s):
<http://www.kb.cert.org/vuls/id/137968>

<http://www.isc.org/software/bind/advisories/cve-2011-2464>

<https://www.isc.org/downloads>

<http://www.kb.cert.org/vuls/id/142646>

<http://www.isc.org/software/bind/advisories/cve-2011-2465>

====
This entry is available at
http://www.us-cert.gov/current/index.html#internet_system_consortium_releases_bind3

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBThNVST6pPKYJORa3AQLRlwf/cE2bo+51EYpjDaRYWE0yBDvhTrsAd3IH
8zMC+aRsI+QpBW2IRWmYfnq9Kc1YC5CsCah1SN3eBX/Qjq6b3iy0VY8YyOIL/F/f
d9Lll4tHxgtEqh9CSFNxqJcE0dWkQd3+P+iaBz95tosAxSxndgypQqSFnHSh1nXC
cxDxvgGFWDnD7cZcaaL5aIrqyuPX/wJwBDuJIXjsd6ixqanyVnYXFL32g1EmFul/
MHkd95E/p9QcknCLVPma/piXnAy6Wr3BrHZYeuxi+wTncEG2NGNEYAFIr4UlR5Vh
1LhKNIt6B1FPl5kVbDm2dEnoHjt8yOGJxCzG3yRCSCHyoD3piK9soQ==
=IdU2
-----END PGP SIGNATURE-----

Current thread:

Current Activity - Internet System Consortium releases BIND patches Current Activity (May 27)
- <Possible follow-ups>
- Current Activity - Internet System Consortium releases BIND Patches Current Activity (Jul 05)