The other ISC (Internet Systems Consortium) has released a security advisory on BIND and security patches for nameservers running with DNSSEC validation enabled. Essentially it is possible for inappropriate caching of records from the additional records section of a query response. Typically, however, resolvers don't query in such a way as to make this a wide-impacting problem for the bulk of users. You can read the advisory here. Upgrade to 9.4.3-P4, 9.5.2-P1 or 9.6.1-P2. -- |
John 262 Posts ISC Handler Nov 24th 2009 |
Thread locked Subscribe |
Nov 24th 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!