On 16/10/2019 18:37, Cathy Almond wrote: > New security releases of BIND are available which contain fixes for > the CVEs disclosed today. > > The new versions of BIND are available for download from the ISC website's > downloads page -- https://www.isc.org/downloads > > Release notes can be found via these links. > > Stable release branches: > 9.11.12: > https://downloads.isc.org/isc/bind9/9.11.12/RELEASE-NOTES-bind-9.11.12.html > 9.14.7: > https://downloads.isc.org/isc/bind9/9.14.7/RELEASE-NOTES-bind-9.14.7.html > > Experimental development branch > 9.15.5: > https://downloads.isc.org/isc/bind9/9.15.5/RELEASE-NOTES-bind-9.15.5.html > > Cathy Almond > ISC Support >
To clarify, BIND 9.11.12 is not a security release, but BIND 9.14.7 and 9.15.5 are. The two CVEs disclosed today affect only BIND 9.14 and 9.15; the BIND 9.11 branch is not vulnerable. Apologies for the ambiguous communication and any confusion that may have been caused as a result. Cathy Almond ISC Support _______________________________________________ bind-announce mailing list bind-announce@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-announce
