> Does this apply to all resolvers that support these record types Yes
> Is there any way to configure BIND to not support serving these types of > records? No. You can probably delete the implementation and recompile the old version, but then it just might be easier to upgrade (or apply the patch for these two). Ondrej -- Ondřej Surý (He/Him) [email protected] My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 21. 1. 2026, at 17:49, Sebby, Brian A. via bind-users > <[email protected]> wrote: > > I apologize; I accidentally hit Send before completing my message. > > Just for a bit of clarity, the security vulnerability indicates that it can > cause a resolver to crash with malformed BRID or HHIT records. Does this > apply to all resolvers that support these record types, or only in cases > where your server does serve records of these types? I’m assuming the former > but just wanted to check. Is there any way to configure BIND to not support > serving these types of records? > > > Thanks, > > Brian > > -- > Brian Sebby (he/him/his) | Lead Systems Engineer > Email: [email protected] | Information Technology Infrastructure > Phone: +1 630.252.9935 | Business Information Services > Cell: +1 630.921.4305 | Argonne National Laboratory > From: Sebby, Brian A. <[email protected]> > Date: Wednesday, January 21, 2026 at 10:44 AM > To: [email protected] <[email protected]> > Subject: Re: New BIND 9 releases: 9.18.44, 9.20.18, 9.21.17 > > Just for a bit of clarity, the security vulnerability indicates that it can > cause a resolver to crash with malformed BRID or HH > > -- > Brian Sebby (he/him/his) | Lead Systems Engineer > Email: [email protected] | Information Technology Infrastructure > Phone: +1 630.252.9935 | Business Information Services > Cell: +1 630.921.4305 | Argonne National Laboratory > From: bind-announce <[email protected]> on behalf of > Suzanne Goldlust <[email protected]> > Date: Wednesday, January 21, 2026 at 7:03 AM > To: [email protected] <[email protected]> > Subject: New BIND 9 releases: 9.18.44, 9.20.18, 9.21.17 > > This Message Is From an External Sender > This message came from outside your organization. > Our January 2026 maintenance releases of BIND 9 are available and can be > downloaded from the links below. Packages and container images provided by > ISC will be updated later today. > > In addition to bug fixes and feature improvements, these releases also > contain fixes for a security vulnerability. More information can be found in > the following Security Advisory: > > https://urldefense.us/v3/__https://kb.isc.org/docs/cve-2025-13878__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIROe1yRJew$ > > A link to each newly-released version follows. Each release directory > includes a complete source tarball, cryptographic signature, and release > notes. The release notes provide a summary of significant changes, and should > be reviewed before upgrading. > > - Current supported stable branches: > > - 9.18.44 - > https://urldefense.us/v3/__https://downloads.isc.org/isc/bind9/9.18.44/__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIROLLuMLQw$ > - 9.20.18 - > https://urldefense.us/v3/__https://downloads.isc.org/isc/bind9/9.20.18/__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIROMXXa1DI$ > > - Experimental development branch: > > - 9.21.17 - > https://urldefense.us/v3/__https://downloads.isc.org/isc/bind9/9.21.17/__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIROrLsT550$ > > For more information and other release formats, consult the ISC software > download page: > https://urldefense.us/v3/__https://www.isc.org/download/__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIRO9iZzXSA$ > > --- > > As a reminder, BIND’s supported platforms are listed in the ARM > (https://urldefense.us/v3/__https://bind9.readthedocs.io/en/stable/chapter2.html*supported-platforms__;Iw!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIROyUh2pHU$) > and in this knowledgebase article > (https://urldefense.us/v3/__https://kb.isc.org/docs/supported-platforms__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIRO-WnT8VQ$). > -- > bind-announce mailing list > [email protected] > https://urldefense.us/v3/__https://lists.isc.org/mailman/listinfo/bind-announce__;!!G_uCfscf7eWS!d0s-4i1hti59FxMTbbE4MFk1Sq6MdrsFh95Ob-Mt064-pwP5hDq1UeJQf4Ixna0nEpQ8OIRO1Jf2C5o$ > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list.
