Two BIND 9 Security Vulnerabilities Announced Today
ISC is releasing updated versions of BIND 9 to address two newly-discovered security vulnerabilities We have released new versions of BIND: 9.Read post
ISC published BIND under a very permissive open source license nearly two decades ago. Since then, it has become the world’s most widely used nameserver. Partly, this is due to the popularity of commercial services and software based on BIND. While this is welcome, and these commercial products are undoubtedly adding value, unfortunately not all of these users are giving back to the open source – either by contributing code or supporting the core team financially.
This is unfair to those organizations that are sustaining the open source BIND, a significant and valuable community asset. ISC is the organizational steward for BIND; in order to preserve the software for the long term, we are considering a move to the more restrictive Mozilla Public License (MPL 2.0). (read about it at tl;dr Legal https://tldrlegal.com/license/mozilla-public-license-2.0-(mpl-2))
The MPL license requires that anyone redistributing the code who has changed it must publish their changes (or pay for an exception to the license). It doesn’t impact anyone who is using the software without redistributing it, nor anyone redistributing it without changes - so most users will not see any change.
In the event we do proceed with the change in license, it will take effect with the BIND 9.11.0 release.
Jeff Osborn, President of ISC, announcing we are considering this change at RIPE72 in Copenhagen May 26th:
What's New from ISC