headers
ISC Support Engineering Staff | 9 Feb 03:02
Favicon
Gravatar

NOTICE: ISC Update to CVE-2012-1033 - Ghost domain names

After completing our analysis of the DNS exploit reported by Professor
Haixin Duan of Tsinghua University, ISC has determined that the behavior
he describes, while verifiable, is due to design issues in the DNS
protocol. 

Please read the complete update here:
https://www.isc.org/software/bind/advisories/cve-2012-1033
_______________________________________________
bind-announce mailing list
bind-announce <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-announce
Permalink | Reply | 0 comments |
headers
Michael McNally | 8 Feb 06:57
Favicon

PLEASE READ: An Important Security Announcement from ISC

PLEASE READ:  An important security announcement from ISC

   ISC has been notified by Haixin Duan (a professor at Tsinghua
   University in Beijing China, who is currently visiting the
   International Computer Science Institute (ICSI) at the University
   of California, Berkeley) about a DNS resolver vulnerability that
   potentially allows a party to keep a domain name in the cache
   even after that domain name has been expired

   ISC is evaluating the risk of this vulnerability, but his published
   paper shows how this was demonstrated, live across the Internet.
   It lists several DNS implementations and open resolver deployments
   as vulnerable. All BIND 9 versions are currently considered
   vulnerable.

   A more detailed description of this vulnerability and ISC's
   planned response can be found at:

      https://www.isc.org/software/bind/advisories/cve-2012-1033
_______________________________________________
bind-announce mailing list
bind-announce <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-announce
Permalink | Reply | 0 comments |
headers
Michael McNally | 1 Feb 04:30
Favicon

BIND 9.9.0rc2 is now available

Introduction

   BIND 9.9.0rc2 is the second release candidate for BIND 9.9.0

   This document summarizes changes from BIND 9.8 to BIND 9.9.  Please
   see the CHANGES file in the source code release for a complete
   list of all changes.

Download

   The latest versions of BIND 9 software can always be found on our
   web site at http://www.isc.org/downloads/all. There you will find
   additional information about each release, source code, and
   pre-compiled versions for Microsoft Windows operating systems.

Support

   Product support information is available on
   http://www.isc.org/services/support for paid support options.
   Free support is provided by our user community via a mailing list.
   Information on all public email lists is available at
   https://lists.isc.org/mailman/listinfo.

Security Fixes

   new in 9.9.0rc2

   - no new security fixes have been added since 9.9.0rc1

   previously included in 9.9.0rc1
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michael McNally | 1 Feb 04:17
Favicon

BIND 9.9.0rc2 is now available.

Introduction

  BIND 9.9.0rc2 is the second release candidate for BIND 9.9.0

  This document summarizes changes from BIND 9.8 to BIND 9.9.  Please
  see the CHANGES file in the source code release for a complete
  list of all changes.

Download

  The latest versions of BIND 9 software can always be found on our
  web site at http://www.isc.org/downloads/all. There you will find
  additional information about each release, source code, and
  pre-compiled versions for Microsoft Windows operating systems.

Support

  Product support information is available on
  http://www.isc.org/services/support for paid support options.
  Free support is provided by our user community via a mailing list.
  Information on all public email lists is available at
  https://lists.isc.org/mailman/listinfo.

Security Fixes

  new in 9.9.0rc2

  - no new security fixes have been added since 9.9.0rc1

  previously included in 9.9.0rc1
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michael McNally | 20 Jan 19:11
Favicon

BIND 9.8.2rc1 is now available

Introduction

  BIND 9.8.2rc1 is the first release candidate of BIND 9.8.2.

  This document summarizes changes from BIND 9.8.1 to BIND 9.8.2rc1.
  Please see the CHANGES file in the source code release for a complete
  list of all changes.

Download

  The latest versions of BIND 9 software can always be found on our
  web site at http://www.isc.org/downloads/all. There you will find
  additional information about each release, source code, and
  pre-compiled versions for Microsoft Windows operating systems.

Support

  Product support information is available on
  http://www.isc.org/services/support for paid support options. Free
  support is provided by our user community via a mailing list.
  Information on all public email lists is available at
  https://lists.isc.org/mailman/listinfo.

Security Fixes

  + BIND 9 nameservers performing recursive queries could cache an
    invalid record and subsequent queries for that record could
    crash the resolvers with an assertion failure. [RT #26590]
    [CVE-2011-4313]
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michael McNally | 20 Jan 19:11
Favicon

BIND 9.7.5rc1 is now available

Introduction

  BIND 9.7.5rc1 is the first release candidate of BIND 9.7.5.

  This document summarizes changes from BIND 9.7.4 to BIND 9.7.5rc1.
  Please see the CHANGES file in the source code release for a
  complete list of all changes.

Download

  The latest versions of BIND 9 software can always be found on our
  web site at http://www.isc.org/downloads/all. There you will find
  additional information about each release, source code, and
  pre-compiled versions for Microsoft Windows operating systems.

Support

  Product support information is available on
  http://www.isc.org/services/support for paid support options.
  Free support is provided by our user community via a mailing list.
  Information on all public email lists is available at
  https://lists.isc.org/mailman/listinfo.

Security Fixes

  + BIND 9 nameservers performing recursive queries could cache an
    invalid record and subsequent queries for that record could
    crash the resolvers with an assertion failure. [RT #26590]
    [CVE-2011-4313]
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michael McNally | 20 Jan 19:11
Favicon

BIND 9.6-ESV-R6rc1 is now available

Introduction

  BIND 9.6-ESV-R6rc1 is the first release candidate of BIND 9.6-ESV-R6.

  This document summarizes changes from BIND 9.6-ESV-R5 to BIND
  9.6-ESV-R6rc1.  Please see the CHANGES file in the source code
  release for a complete list of all changes.  Please see the CHANGES
  file in the source code release for a complete list of all changes.

Download

  The latest versions of BIND 9 software can always be found on our
  web site at http://www.isc.org/downloads/all. There you will find
  additional information about each release, source code, and
  pre-compiled versions for Microsoft Windows operating systems.

Support

  Product support information is available on
  http://www.isc.org/services/support for paid support options.
  Free support is provided by our user community via a mailing list.
  Information on all public email lists is available at
  https://lists.isc.org/mailman/listinfo.

Security Fixes

  + BIND 9 nameservers performing recursive queries could cache an
    invalid record and subsequent queries for that record could
    crash the resolvers with an assertion failure. [RT #26590]
    [CVE-2011-4313]
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jeremy C. Reed | 19 Jan 15:09
Favicon
Gravatar

Development release of BIND 10: bind10-devel-20120119


	Development release of BIND 10: bind10-devel-20120119

Welcome to the sixteenth development release of BIND 10.

BIND 10 provides a C++ library for DNS (with python wrappers) and
several cooperating daemons for providing authoritative DNS service
(with SQLite3 which supports DNSSEC and in-memory backends),
DNS forwarding, and recursive name service. While it contains prototype
code and experimental interfaces, both the authoritative and resolver
servers are being used in production. It also provides experimental
DHCPv4 and DHCPv6 servers and a C++ library for DHCP.

Documentation is included and also available via the BIND 10
website at http://bind10.isc.org/

The bind10-devel-20120119 source may be downloaded from:

	ftp://ftp.isc.org/isc/bind10/devel-20120119/bind10-devel-20120119.tar.gz

A PGP signature of the distribution is at

	ftp://ftp.isc.org/isc/bind10/devel-20120119/bind10-devel-20120119.tar.gz.sha512.asc

The signature was generated with the ISC public key, which is
available at https://www.isc.org/about/openpgp

Users and developers are encouraged to participate on the BIND 10
mailing lists. Please provide your feedback:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michael McNally | 10 Jan 00:58
Favicon

BIND 9.9.0rc1 is now available

Introduction

  BIND 9.9.0rc1 is the first release candidate for BIND 9.9.

  This document summarizes changes from BIND 9.8 to BIND 9.9.  Please
  see the CHANGES file in the source code release for a complete
  list of all changes.

Download

  The latest versions of BIND 9 software can always be found on our
  web site at http://www.isc.org/downloads/all. There you will find
  additional information about each release, source code, and
  pre-compiled versions for Microsoft Windows operating systems.

Support

  Product support information is available on
  http://www.isc.org/services/support for paid support options.
  Free support is provided by our user community via a mailing list.
  Information on all public email lists is available at
  https://lists.isc.org/mailman/listinfo.

Security Fixes

  - BIND 9 nameservers performing recursive queries could cache an
    invalid record and subsequent queries for that record could crash
    the resolvers with an assertion failure. [RT #26590] [CVE-2011-4313]

New Features
(Continue reading)

Permalink | Reply | 0 comments |
headers
Susan Graves | 23 Dec 02:09
Favicon

ISC's Hands-on BIND, DHCP, DNSSEC and IPv6 Trainings for 2012

Greetings!

Just to get you thinking about work as you are ready to leave on holiday...

We've posted our first half 2012 training schedule to our website.

Please see https://www.isc.org/support/training for locations and dates.
Click on the course name for a syllabus, and the prices to register. 
Seating is limited and there is a link to reserve a seat, if you are
still checking on schedules.

Certification will be completed in Q1 as well. We hope to see you at at
least one of our trainings in 2012!

Regards,
Sue Graves
Client Services Manager

_______________________________________________
bind-announce mailing list
bind-announce <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-announce
Permalink | Reply | 0 comments |
headers
Susan Graves | 22 Dec 19:54
Favicon

You are invited to ISC's BIND Open Day Friday Jan 13th

ISC invites all local BIND administrators, system architects, and anyone interested in DNS to attend our next BIND Open Day on Friday, January 13, 2012. This is your opportunity to meet, interact, and build a relationship with many of ISC's engineers who have been coding DNS, crafting the standards, and pushing the technology of the world's most deployed DNS software. Interactive dialog is a core theme for all ISC events.

We seek BIND operators to share their architecture, experiences, and requirements for the future. The day will have a range of “geek to geek” opportunities with ISC’s engineers – building the operational understanding relevant BIND functionality.

The January BIND Open Day will focus on the future of BIND and seeking guidance to insure operational relevance.

* The whole BIND 10 development community will be attending (ISC and their partners).

* The day will start with a segue from BIND 9 to BIND 10 - reviewing all the engineering design principles, approaches, quality methodology, and open source access between the two versions.

* You'll hear how the BIND Team uses Agile Scrum, and Test Driven Development (TDD) to achieve code quality and visible development goals.

* We’ll walk through the architecture and technology used in BIND 10’s development.

* You'll learn how your input can shape BIND 10 today, providing operational "user stories" that would be used to enhance BIND's progress.

Evolving agenda: http://bind10.isc.org/wiki/Jan2012OpenDay

While we want the event to be open, we would truly appreciate your RSVP (click here) so that we can do some planning on our end.

Here are the details:

DATE: Friday, January 13, 2012

TIME: 9:00 AM  - 5:00 PM PST

VENUE: Silicon Valley, California - specific location TBD, depending on attendance. We will send confirmation emails and location information in early January.

Share your User Stories! The first lines of BIND 10 code were unit test derived from an Agile user story. We are seeking operator’s User Stories that will evolve into new BIND features, functions, and capabilities. Use the optional field below to enter your User Story. For a brief outline of what we mean by User Stories have a look at this entry in ISC’s Knowledge Base: https://kb.isc.org/article/AA-00574/0/What-is-a-User-Story.html

Are you a DHCP user? This “BIND Day” will have ISC’s full DHCP Engineering Team in attendance. Let us know if you are interested in break out sessions focusing on DHCP 4 and DHCP 10.

We look forward to meeting you in January!

Use this webform to RSVP!

_______________________________________________
bind-announce mailing list
bind-announce <at> lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-announce
Permalink | Reply | 0 comments |

Gmane