Security Update:Internet Systems Consortium Released Updates for BIND to Address a High Rated Vulnerability
Date and Time
The Internet Systems Consortium (ISC) has released updates that address a vulnerability in BIND.
Advanced Users: For a complete description of the vulnerability visit ISC Knowledge Base Article AA-01419 (CVE-2016-2776: Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request) at https://kb.isc.org/article/AA-01419/0.
AVAILABLE UPDATES INCLUDE:
- BIND 9 version 9.9.9-P3
- BIND 9 version 9.10.4-P3
- BIND 9 version 9.11.0rc3
- BIND 9 version 9.9.9-S5
WHAT'S THE PROBLEM?
Exploitation of the vulnerability could allow a remote attacker to cause a denial-of-service condition.
WHAT DO YOU NEED TO DO?
Users and administrators are encouraged to review the Knowledge Base Article AA-01419 (https://kb.isc.org/article/AA-01419/0) and apply the necessary updates.
- IT Security at http://it.ucsf.edu/security