[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] ISC disclosed BIND vulnerability CVE-2019-6471.
From:       Michael McNally <mcnally () isc ! org>
Date:       2019-06-20 1:13:38
Message-ID: f4082239-934b-1bdd-2125-0ad609ed5058 () isc ! org
[Download RAW message or body]

Today ISC disclosed a vulnerability in our BIND software.

Information about the vulnerability can be found in the ISC Knowledge
Base:

   CVE-2019-6471:  A race condition when discarding malformed
   packets can cause BIND to exit with an assertion failure
   https://kb.isc.org/docs/cve-2019-6471

New maintenance releases of BIND released today contain the fix
for the vulnerability along with other bug fixes and feature
improvements.  They may be downloaded from the ISC web site's
download page (https://www.isc.org/downloads)

   -  9.11.8
   -  9.12.4-P2
   -  9.14.3
   -  9.15.1

With the public disclosure of these vulnerabilities, parties which
had been given advance notice concerning them are released from
non-disclosure and packagers and redistributors are encouraged to
publish updated packages containing fixes.

If you have additional questions, please direct them to
security-officer@isc.org

Thank you,

Michael McNally
ISC Security Officer
[prev in list] [next in list] [prev in thread] [next in thread]