Today ISC publicly releases three new versions of BIND: BIND 9.10.0-P2 BIND 9.9.5-P1 BIND 9.8.7-P1
Version 9.10.0-P2 is a security release of BIND and addresses a critical vulnerability, CVE-2014-3859, that can be used as a denial of service vector against all authoritative and recursive nameservers running BIND 9.10.0 or BIND 9.10.0-P1. If you are running a version from the BIND 9.10 branch, you should upgrade to 9.10.0-P2 as soon as possible. The other two release versions, BIND 9.9.5-P1 and BIND 9.8.7-P1 are being released simultaneously but are being labeled as "operational releases"; the critical security vulnerability disclosed in CVE-2014-3859 does not apply to the BIND 9.8 or 9.9 branches but they do correct an issue caused by changes to the Gnu Compiler Collection (GCC) which was previously disclosed in this ISC Operational Notification https://kb.isc.org/article/AA-01167 These new versions of BIND remove the need for those who are building BIND with GCC 4.9.0 or greater to use the manual workaround described in that notification. All three versions contain minor other fixes as well; please consult the release notes for full details and look for the notes marked with ** (which denote changes since the last release.) BIND 9.10.0-P2 notes: https://kb.isc.org/article/AA-01171 BIND 9.9.5-P1 notes: https://kb.isc.org/article/AA-01170 BIND 9.8.7-P1 notes: https://kb.isc.org/article/AA-01169 In summary: BIND 9.10.0-P2: - fixes security issue CVE-2014-3859 - fixes issue from ISC Operational Notification of 4 June 2014 - includes other minor fixes BIND 9.9.5-P1: - security issue CVE-2014-3859 is not applicable - fixes issue from ISC Operational Notification of 4 June 2014 BIND 9.8.7-P1: - security issue CVE-2014-3859 is not applicable - fixes issue from ISC Operational Notification of 4 June 2014 - includes other minor fixes As always, these versions of BIND can be downloaded from the ISC downloads page: http://www.isc.org/downloads or directly from the ISC ftp server ftp://ftp.isc.org/isc/bind9 _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
