Security Update:The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND)
Date and Time
The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND).
Advanced Users: For a complete description of the vulnerabilities visit:
- CVE-2019-6471: A race condition when discarding malformed packets can cause BIND to exit with an assertion failure at: https://kb.isc.org/docs/cve-2019-6471
- BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2.
- Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch.
- BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.
WHAT'S THE PROBLEM?
Exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition.
WHAT DO I NEED TO DO?
Users and administrators are encouraged to review the above CVEs and apply the necessary updates.
- IT Security at http://it.ucsf.edu/security