Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <f4082239-934b-1bdd-2125-0ad609ed5058@isc.org>
Date: Wed, 19 Jun 2019 17:13:38 -0800
From: Michael McNally <mcnally@....org>
To: oss-security@...ts.openwall.com
Subject: ISC disclosed BIND vulnerability CVE-2019-6471.

Today ISC disclosed a vulnerability in our BIND software.

Information about the vulnerability can be found in the ISC Knowledge
Base:

   CVE-2019-6471:  A race condition when discarding malformed
   packets can cause BIND to exit with an assertion failure
   https://kb.isc.org/docs/cve-2019-6471

New maintenance releases of BIND released today contain the fix
for the vulnerability along with other bug fixes and feature
improvements.  They may be downloaded from the ISC web site's
download page (https://www.isc.org/downloads)

   -  9.11.8
   -  9.12.4-P2
   -  9.14.3
   -  9.15.1

With the public disclosure of these vulnerabilities, parties which
had been given advance notice concerning them are released from
non-disclosure and packagers and redistributors are encouraged to
publish updated packages containing fixes.

If you have additional questions, please direct them to
security-officer@....org

Thank you,

Michael McNally
ISC Security Officer

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.