Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <a2f2721f-41e3-ee84-589f-e74bda03810a@isc.org>
Date: Tue, 27 Sep 2016 12:38:33 -0500
From: ISC Security Officer <security-officer@....org>
To: oss-security@...ts.openwall.com
Cc: ISC Security Officer <security-officer@....org>
Subject: BIND9 CVE-2016-2776: Assertion Failure in buffer.c While Building
 Responses to a Specifically Constructed Request

Please be advised that ISC publicly announced a vulnerability in the
BIND 9 software.

CVE-2016-2776 is a denial-of-service vector which can potentially be
exploited against BIND 9 servers.  All versions prior to the current
releases are vulnerable.

Our full CVE text can be found at https://kb.isc.org/article/AA-01419/0

New releases of BIND, including security fixes for this vulnerability,
are available at: www.isc.org/downloads/

Release notes can be obtained using the following links:

ftp://ftp.isc.org/isc/bind9/9.9.9-P3/
ftp://ftp.isc.org/isc/bind9/9.10.4-P3/
ftp://ftp.isc.org/isc/bind9/9.11.0rc3/

-- 
Brian Conry
ISC Support
Acting Security Officer




Download attachment "signature.asc" of type "application/pgp-signature" (456 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.