-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 BIND 9.8.0-P1 is now available for download.
This release fixes one security related issue. The full up to date advisory regarding this issue is available at: https://www.isc.org/CVE-2011-1907. A text version of the advisory will be provided for ease of use, but this advisory may be updated. The url will have the up to date version. This release, and its OpenPGP-signatures are available now from: ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz.sha512.asc ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.8.0-P1/bind-9.8.0-P1.tar.gz.sha1.asc ISC's Release Signing Key can be obtained at: http://www.isc.org/about/openpgp/ BIND 9.8.0-P1 Release Notes: Introduction BIND 9.8.0-P1 is security patch for BIND 9.8.0. Please see the CHANGES file in the source code release for a complete list of all changes. Download The latest development versions of BIND 9 software can always be found on our web site at http://www.isc.org/downloads/development. There you will find additional information about each release, source code, and some pre-compiled versions for certain operating systems. Support Product support information is available on http://www.isc.org/services/support for paid support options. Free support is provided by our user community via a mailing list. Information on all public email lists is available at https://lists.isc.org/mailman/listinfo. Security Fixes 9.8.0-P1 * BIND 9.8.0 introduced Response Policy Zones (RPZ), a mechanism for modifying DNS responses returned by a recursive server according to a set of rules which are either defined locally or imported from a reputation provider. In typical configurations, RPZ is used to force negative (NXDOMAIN) responses for untrusted names. However, it can also be used to replace the answer for a given query, returning a positive response defined by local policy. In BIND 9.8.0, when an RPZ was configured to replace the answer RRset for a given name, a query of type RRSIG for that name could trigger an assertion failure and cause the name server process to exit. [RT #24280] [CVE-2011-1907] Known issues in this release * None. Thank You Thank you to everyone who assisted us in making this release possible. If you would like to contribute to ISC to assist us in continuing to make quality open source software, please visit our donations page at http://www.isc.org/supportisc. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNwztnAAoJEBOIp87tasiUv60H/jUwC6PjilOARAYyAH+ahk82 ttROEJm1KjY01ILd7taG52N+HSztBFfVa/+0/3qoN6Q1A3+bbdBu5OJIoNVW0p1X R6IS/m4dekv4/y0o4NtG4TpSTgVJoAIyBB/UsjtIGcbOOqeH9NWZRkEDodCgErA7 PohZtZV6FAbHbggEj4SGDLGKHZxOoeyrLSkZJYrWbAxwfK5RDUUAPrnsjlNifBQv haXsrGm+HAeM3I//5X0h4ZrtS8YJ0b9ndUcjkkkPoxUMITmOqhQxnvnkJNtDXyaN SbFPUPPj5xhxYPF0QAyJ1fCTQBItXYsldVCZLJSLPkFdwcwgAJU0wt3MqI5RgmY= =Glt0 -----END PGP SIGNATURE----- _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
