Blogs

  • BIND9 Adopts the MPL 2.0 License with BIND 9.11.0

    ISC published BIND under a very permissive open source license nearly two decades ago, and we have been maintaining it ever since. In December we announced we were changing the license for our Kea DHCP server to the modern and widely-used Mozilla Public License (MPL 2.0). The MPL 2.0 license requires that if you make changes to licensed software (e.g. BIND) and distribute

    Read more
    0
  • ISC considering a change to the BIND9 license

    ISC published BIND under a very permissive open source license nearly two decades ago. Since then, it has become the world’s most widely used nameserver. Partly, this is due to the popularity of commercial services and software based on BIND. While this is welcome, and these commercial products are undoubtedly adding value, unfortunately not all of these users are giving back to

    Read more
    0
  • The ISC Performance Lab

    ISC’s BIND DNS server software is renowned for its rich feature set and compliance with standards but not for its performance. To allow us to focus on BIND’s performance we have recently invested significantly in new hardware in our test lab for dedicated 24/7 performance testing, and have also developed a new web-based system for automated performance tests. Whilst we’ve

    Read more
    0
  • ISC Joins The Open Source Initiative

    ISC has joined the Open Source Initiative as an Affiliate Member.   ISC has developed and supported open source systems for many years. We are delighted to join forces with other open source advocates and developers to help bring a unified voice to our growing movement.   Quoting from OSI’s press release today: “There are only a few organizations that can

    Read more
    0
  • A few words about the glibc vulnerability, CVE-2015-7547

    On February 16th, news reached ISC about CVE-2015-7547, a serious defect in the getaddrinfo() library call in glibc.  This defect allows an attacker to cause buffer overflow to occur, creating the possibility of remote code execution in some circumstances.  ISC has been asked by several of our customers and partners to comment on whether this vulnerability should be of concern

    Read more
    0
  • 2015 ISC Open Source Accomplishments

    We are proud of another year of solid, responsible maintenance of our three core software products, BIND, ISC DHCP and Kea.   BIND 2015 Releases We issued four BIND9 maintenance releases and twelve security patch releases. In addition we made five releases of our -S edition for subscribers and two experimental releases. The last two types of releases incorporate both features and

    Read more
    0
  • Resolve to become more of a contributor, less of a free-loader, in 2016

    Do you work for an open-source Freeloader? This week is a great time to assess what open source your organization uses, and make sure you are doing ‘your share’ to support these community resources. All tech companies use open source, but not all of them support it.  Everyone loves leveraging open source, but not every organization shows that love in

    Read more
    0
  • ISC Contributions to Internet Organizations

    In addition to all the work we do, maintaining BIND and ISC DHCP, developing Kea and operating F-root and our subsidized SNS and hosting services, ISC employees make a number of contributions to other open source projects and Internet organizations.   Internet Organizations ISOC – David Farber, one of ISC’s Directors, is a current Trustee of the Internet Society. Jeff Osborn,

    Read more
    0
  • Kea to be released under Mozilla Public License 2.0

    In the past, ISC has released all of its open-source software under a simple license that we created. It’s called “The ISC License”; see https://en.wikipedia.org/wiki/ISC_license. The software world has changed in the years since we wrote the ISC license. Hundreds of lawyers have been involved in the writing and editing of open source licenses. There are many and varied licenses

    Read more
    0
  • H-Root will change its addresses on 1 December 2015. What does this mean for you?

      http://h.root-servers.org/renumber.html   The Internet DNS root nameservers are the servers which are authoritative for “.”, the apex of the DNS namespace. They are the starting point for resolving all public names. If you’re running a recursive server, you’re either relying on a built-in set of ‘root hints’, or you will have configured them manually. So isn’t renumbering one of these vital servers a

    Read more
    0
  • CVE-2015-5986: An incorrect boundary check can trigger a REQUIRE assertion failure in openpgpkey_61.c

    CVE: CVE-2015-5986 Document Version: 2.0 Posting date: 02 September 2015 Program Impacted: BIND Versions affected: 9.9.7 -> 9.9.7-P2, 9.10.2 -> 9.10.2-P3. Severity: Critical Exploitable: Remotely Description: An incorrect boundary check in openpgpkey_61.c can cause named to terminate due to a REQUIRE assertion failure.  This defect can be deliberately exploited by an attacker who can provide a maliciously constructed response in answer to a query. Impact: A server which

    Read more
    0
  • CVE-2015-5722: Parsing malformed keys may cause BIND to exit due to a failed assertion in buffer.c

    CVE:  CVE-2015-5722 Document Version:        2.0 Posting date:  2 September 2015 Program Impacted:  BIND Versions affected: BIND 9.0.0 -> 9.8.8,  BIND 9.9.0 -> 9.9.7-P2, BIND 9.10.0 -> 9.10.2-P3 Severity:  Critical Exploitable:  Remotely Description: Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c.  It is possible for a remote attacker to deliberately trigger this condition, for example

    Read more
    0

Last modified: February 22, 2016 at 1:27 pm