New releases of BIND are available, containing patches to correct CVE-2018-5740 (https://kb.isc.org/article/AA-01639)
They can be downloaded from https://www.isc.org/downloads and you can learn more about them from their release notes: 9.9.13-P1: https://kb.isc.org/article/AA-01642/81/BIND-9.9.13-P1 9.10.8-P1: https://kb.isc.org/article/AA-01643/81/BIND-9.10.8-P1 9.11.4-P1: https://kb.isc.org/article/AA-01644/81/BIND-9.11.4-P1 9.12.2-P1: https://kb.isc.org/article/AA-01645/81/BIND-9.12.2-P1 We know that security releases are disruptive for many operators and in this case the patch is for a fix in a very little-used feature. We would therefore advise any operators concerned about upgrading to read this particular security advisory carefully and decide whether it applies to their installation. Also, we'd like to remind users who are still on the 9.9 and 9.10 branches that support for those branches officially ended at the end of July. As with these recent patches we may continue to provide security patch releases for them for a period but operators are advised to make plans to migrate to a supported branch. BIND 9.11 is the branch which is the currently designated Extended Support Version. _______________________________________________ bind-announce mailing list bind-announce@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-announce