FYI and just to clarify, Red Hat Security Advisory CVE-2018-5742 does
not exist in any version of BIND available directly from ISC; it is
present solely in the version(s) identified by Red Hat in their own

The problem was accidentally introduced during a backport of the NTA
(Negative Trust Anchor) feature from ISC BIND 9.11.

Both Red Hat and CentOS have BIND distributions that are affected.

The associated defect reports can be found here:

For anyone who would like to take this opportunity to migrate to a
supported ISC version of BIND, please see our downloads page:

We realise that for many, access to packaged versions of BIND 9 is the
reason that they chose to run the version of BIND offered by their OS
platform rather than building their own.  You might be interested to
hear that we're working on providing packaged builds of ISC BIND for
some platforms.  Details here:

For a comparison of feature availability in different versions of BIND
from ISC, see:

(Please also note that BIND 9.9 and 9.10 from ISC are now EOL).

Cathy Almond
ISC Support
Please visit to unsubscribe 
from this list

bind-users mailing list

Reply via email to