For up-to-date release notes and errata, see
http://www.isc.org/software/bind9/releasenotes
+BIND 9.10.2-P3
+
+ BIND 9.10.2-P3 is a security release addressing the flaw
+ described in CVE-2015-5477.
+
BIND 9.10.2-P2
BIND 9.10.2-P2 is a security release addressing the flaw
<para>
This document summarizes changes since BIND 9.10.2:
</para>
+ <para>
+ BIND 9.10.2-P3 addresses a security issue described in
+ CVE-2015-5477.
+ </para>
<para>
BIND 9.10.2-P2 addresses a security issue described in
CVE-2015-4620.
<sect2 id="relnotes_security">
<title>Security Fixes</title>
<itemizedlist>
+ <listitem>
+ <para>
+ A specially crafted query could trigger a assertion failure
+ message.c.
+ </para>
+ <para>
+ This flaw is disclosed in CVE-2015-5477. [RT #39795]
+ </para>
+ </listitem>
<listitem>
<para>
On servers configured to perform DNSSEC validation an
assertion failure could be triggered on answers from
a specially configured server.
</para>
+ <para>
This flaw was discovered by Breno Silveira Soares, and is
disclosed in CVE-2015-4620. [RT #39795]
- </para>
- </listitem>
+ </para>
+ </listitem>
</itemizedlist>
</sect2>
<sect2 id="relnotes_features">
already in progress. [RT #39649]
</para>
</listitem>
- </itemizedlist>
+ </itemizedlist>
</listitem>
</itemizedlist>
</sect2>
The end of life for BIND 9.10 is yet to be determined but
will not be before BIND 9.12.0 has been released for 6 months.
<ulink url="https://www.isc.org/downloads/software-support-policy/"
- >https://www.isc.org/downloads/software-support-policy/</ulink>
+ >https://www.isc.org/downloads/software-support-policy/</ulink>
</para>
</sect2>
<sect2 id="relnotes_thanks">
projects / thirdparty / bind9.git / commitdiff
