A Note About Today's New BIND Releases
Michael McNally
mcnally at isc.org
Wed Jun 11 22:04:35 UTC 2014
Today ISC publicly releases three new versions of BIND:
BIND 9.10.0-P2
BIND 9.9.5-P1
BIND 9.8.7-P1
Version 9.10.0-P2 is a security release of BIND and addresses
a critical vulnerability, CVE-2014-3859, that can be used as a
denial of service vector against all authoritative and recursive
nameservers running BIND 9.10.0 or BIND 9.10.0-P1. If you are
running a version from the BIND 9.10 branch, you should upgrade
to 9.10.0-P2 as soon as possible.
The other two release versions, BIND 9.9.5-P1 and BIND 9.8.7-P1
are being released simultaneously but are being labeled as
"operational releases"; the critical security vulnerability
disclosed in CVE-2014-3859 does not apply to the BIND 9.8 or 9.9
branches but they do correct an issue caused by changes to the
Gnu Compiler Collection (GCC) which was previously disclosed in
this ISC Operational Notification https://kb.isc.org/article/AA-01167
These new versions of BIND remove the need for those who are building
BIND with GCC 4.9.0 or greater to use the manual workaround
described in that notification.
All three versions contain minor other fixes as well; please
consult the release notes for full details and look for the
notes marked with ** (which denote changes since the last release.)
BIND 9.10.0-P2 notes: https://kb.isc.org/article/AA-01171
BIND 9.9.5-P1 notes: https://kb.isc.org/article/AA-01170
BIND 9.8.7-P1 notes: https://kb.isc.org/article/AA-01169
In summary:
BIND 9.10.0-P2:
- fixes security issue CVE-2014-3859
- fixes issue from ISC Operational Notification of 4 June 2014
- includes other minor fixes
BIND 9.9.5-P1:
- security issue CVE-2014-3859 is not applicable
- fixes issue from ISC Operational Notification of 4 June 2014
BIND 9.8.7-P1:
- security issue CVE-2014-3859 is not applicable
- fixes issue from ISC Operational Notification of 4 June 2014
- includes other minor fixes
As always, these versions of BIND can be downloaded from the
ISC downloads page: http://www.isc.org/downloads or directly
from the ISC ftp server ftp://ftp.isc.org/isc/bind9
More information about the bind-users
mailing list