IMPORTANT: The security issue described below has been confirmed by ISC
to be 'in the wild' as of 18:00UTC July 26, and exploitation of this
vulnerability against production servers has been reported by multiple
organizations. Please be advised that immediate action is recommended.
A specially cra
the releases are published next Tuesday. It is our hope that
this pre-announcement will aid BIND operators in planning to respond to
that disclosure when it occurs.
Michael McNally
ISC Security Officer
P.S.: if you have feedback or questions concerning this new policy,
kindly direct them to
disclosure when it occurs.
Michael McNally
ISC Security Officer
P.S.: if you have feedback or questions concerning this policy,
kindly direct them to security-offi...@isc.org
___
bind-announce mailing list
bind-announce@lists.isc.org
https://lists.isc.o
prefer not to use any of the workarounds but still require the use
of serve-stale. If you require a patch diff, please request one
by e-mail to security-offi...@isc.org
Michael McNally
ISC Security Officer
-
Operational Notification: Enabling the new BIND option
"stale-answer-client-time
To our users --
This week we issued new release versions of BIND (9.11.28, 9.16.12,
and 9.17.10, plus versions 9.11.28-S1 and 9.16.12-S1 of BIND
Supported Preview Edition for those customers who are eligible.)
Unfortunately a second issue has now been uncovered that may
affect operators upgrading
To our users --
Following further research, we have revised the Operational Notification
published at the end of last week as we now have an improved
understanding of its likely impact on authoritative BIND servers.
The situation is not quite as serious as originally announced for those
whose serv
