oss-sec mailing list archives
BIND9 CVE-2017-3135: Combination of DNS64 and RPZ Can Lead to Crash
From: ISC Security Officer <security-officer () isc org>
Date: Wed, 8 Feb 2017 17:13:08 -0600
Today ISC announced CVE-2017-3135, a denial-of-service vulnerability that can affect resolvers using both DNS64 and RPZ to rewrite responses for the same view. This affects all BIND 9.9 releases since 9.9.3, all BIND 9.10 releases, and all BIND 9.11 releases, including the 9.9.10b1, 9.10.5b1, and 9.11.1b1 releases. Our full CVE text can be found at https://kb.isc.org/article/AA-01453 New releases of BIND, including security fixes for this vulnerability, are available at: www.isc.org/downloads/ Release notes can be obtained using the following links: ftp://ftp.isc.org/isc/bind9/9.9.9-P6/ ftp://ftp.isc.org/isc/bind9/9.10.4-P6/ ftp://ftp.isc.org/isc/bind9/9.11.0-P3/ ftp://ftp.isc.org/isc/bind9/9.9.10rc1/ ftp://ftp.isc.org/isc/bind9/9.10.5rc1/ ftp://ftp.isc.org/isc/bind9/9.11.1rc1/ -- Brian Conry ISC Support Acting Security Officer
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- BIND9 CVE-2017-3135: Combination of DNS64 and RPZ Can Lead to Crash ISC Security Officer (Feb 08)