
<html>

  <head>


    <meta http-equiv="content-type" content="text/html; charset=utf-8">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <br>

    -----BEGIN PGP SIGNED MESSAGE-----<br>

    Hash: SHA1<br>

    <br>

    FYI... vulnerabilidades en BIND.<br>

    <br>

    <br>

    - -------- Forwarded Message --------<br>

    Subject:     [1st-b] New vulnerabilities in BIND announced:

    CVE-2015-5722 and CVE-2015-5986<br>

    Date:     Wed, 2 Sep 2015 22:20:17 +0200<br>

    From:     ISC Security Officer <a class="moz-txt-link-rfc2396E" href="mailto:security-officer@isc.org">&lt;security-officer@isc.org&gt;</a><br>

    Reply-To:     ISC Security Officer <a class="moz-txt-link-rfc2396E" href="mailto:security-officer@isc.org">&lt;security-officer@isc.org&gt;</a><br>

    To:     <a class="moz-txt-link-abbreviated" href="mailto:isc-csirt-security@lists.isc.org">isc-csirt-security@lists.isc.org</a><br>

    <br>

    <br>

    <br>

    Please be advised that ISC publicly announced two critical<br>

    vulnerabilities in BIND:<br>

    <br>

    + CVE-2015-5722 is a denial-of-service vector which can be<br>

      exploited remotely against a BIND server that is performing<br>

      validation on DNSSEC-signed records. All versions of BIND since<br>

      9.0.0 are vulnerable.<br>

      <a class="moz-txt-link-freetext" href="https://kb.isc.org/article/AA-01287">https://kb.isc.org/article/AA-01287</a><br>

    <br>

    + CVE-2015-5986 is a denial-of-service vector which can be used<br>

      against a BIND server that is performing recursion and (under<br>

      limited conditions) an authoritative-only nameserver.<br>

      Versions of BIND since 9.9.7 and 9.10.2 are vulnerable.<br>

      <a class="moz-txt-link-freetext" href="https://kb.isc.org/article/AA-01291">https://kb.isc.org/article/AA-01291</a><br>

    <br>

    <br>

    New releases of BIND, including security fixes for these<br>

    vulnerabilities, are available:<br>

    <br>

<a class="moz-txt-link-freetext" href="ftp://ftp.isc.org/isc/bind9/9.10.3rc1/RELEASE-NOTES.bind-9.10.3rc1.html">ftp://ftp.isc.org/isc/bind9/9.10.3rc1/RELEASE-NOTES.bind-9.10.3rc1.html</a><br>

<a class="moz-txt-link-freetext" href="ftp://ftp.isc.org/isc/bind9/9.9.8rc1/RELEASE-NOTES.bind-9.9.8rc1.html">ftp://ftp.isc.org/isc/bind9/9.9.8rc1/RELEASE-NOTES.bind-9.9.8rc1.html</a><br>

<a class="moz-txt-link-freetext" href="ftp://ftp.isc.org/isc/bind9/9.10.2-P4/RELEASE-NOTES.bind-9.10.2-P4.html">ftp://ftp.isc.org/isc/bind9/9.10.2-P4/RELEASE-NOTES.bind-9.10.2-P4.html</a><br>

<a class="moz-txt-link-freetext" href="ftp://ftp.isc.org/isc/bind9/9.9.7-P3/RELEASE-NOTES.bind-9.9.7-P3.html">ftp://ftp.isc.org/isc/bind9/9.9.7-P3/RELEASE-NOTES.bind-9.9.7-P3.html</a><br>

    <br>

    Marcin Siodelski<br>

    (as ISC Security Officer)<br>

    <br>

    <br>

    <br>

    <br>

    <br>

    -----BEGIN PGP SIGNATURE-----<br>

    Version: GnuPG/MacGPG2 v2<br>

    <br>

    iEYEARECAAYFAlXnW8IACgkQLGiPbNUVB6Ki6wCeLzEfD5V4j1B6Sh4gGXO1TodG<br>

    JZQAn1cWCzJBXeEL03z0BdNhFrCUHSqM<br>

    =gnBk<br>

    -----END PGP SIGNATURE-----<br>

    <br>

  </body>

</html>