-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 BIND 9.8.0-P1 is now available for download.
This release fixes one security related issue. The full up to date advisory regarding this issue is available at: https://www.isc.org/CVE-2011-1907. A text version of the advisory will be provided for ease of use, but this advisory may be updated. The url will have the up to date version. This release, and its OpenPGP-signatures are available now from: ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz.sha512.asc ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz.sha1.asc ISC's Release Signing Key can be obtained at: http://www.isc.org/about/openpgp/ BIND 9.8.0-P1 Release Notes: Introduction BIND 9.8.0-P1 is security patch for BIND 9.8.0. Please see the CHANGES file in the source code release for a complete list of all changes. Download The latest development versions of BIND 9 software can always be found on our web site at http://www.isc.org/downloads/development. There you will find additional information about each release, source code, and some pre-compiled versions for certain operating systems. Support Product support information is available on http://www.isc.org/services/support for paid support options. Free support is provided by our user community via a mailing list. Information on all public email lists is available at https://lists.isc.org/mailman/listinfo. Security Fixes 9.8.0-P1 * BIND 9.8.0 introduced Response Policy Zones (RPZ), a mechanism for modifying DNS responses returned by a recursive server according to a set of rules which are either defined locally or imported from a reputation provider. In typical configurations, RPZ is used to force negative (NXDOMAIN) responses for untrusted names. However, it can also be used to replace the answer for a given query, returning a positive response defined by local policy. In BIND 9.8.0, when an RPZ was configured to replace the answer RRset for a given name, a query of type RRSIG for that name could trigger an assertion failure and cause the name server process to exit. [RT #24280] [CVE-2011-1907] Known issues in this release * None. Thank You Thank you to everyone who assisted us in making this release possible. If you would like to contribute to ISC to assist us in continuing to make quality open source software, please visit our donations page at http://www.isc.org/supportisc. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNwzpuAAoJEBOIp87tasiU9hUH/1jR00n8w/lj5UN79IzPdU6N ZhSxAyUljd9pfCDDtqKwT91kTw3PNG0Gu1KjAGCF+sZkGBnRqhBOsJUtlX8d6YPk PgDYYGhxAeTbYNAwq9+3zsT0pZnB3eGYygg/u4RvH7hkBPdPy+XmmwUrk/wH3yTg T5VofN6qWwdaGstrcS+wKhJatEwai8xP7VhRBf+xnmbrkuZ2pLWH/lPtNS7IZuZo CsFvGsvN2JYcDVt9DwU9V9Xat9SfOPs+qSJWXIuzetSYy5xm0WsxpY4q74+kLMxN eQJRZLesvPWbGGeOdG123PoxtPRrxctIVhHDcluYTYEX+z2gkzD4UVb15HGjc7E= =SB5N -----END PGP SIGNATURE----- _______________________________________________ bind-announce mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-announce
