[NPIX Members PTS] [dns-operations] Please upgrade BIND for CVE-2015-5477 immediately if you haven't done so

[Kabindra Shrestha]

> On Aug 2, 2015, at 9:10 PM, Kabindra Shrestha <kabindra at geeks.net.np> wrote:
> 
> FYI,
> 
> Please patch/update asap. Almost all old bind versions are vulnerable, both recursive and authoritative.
> 
> 
> Thanks.
> 
> 
>> Begin forwarded message:
>> 
>> From: Mukund Sivaraman <muks at isc.org>
>> Subject: [dns-operations] Please upgrade BIND for CVE-2015-5477 immediately if you haven't done so
>> Date: August 2, 2015 at 12:46:52 PM GMT+5:45
>> To: dns-operations at dns-oarc.net
>> 
>> Hi all
>> 
>> If you run BIND, please upgrade it to address CVE-2015-5477 (TKEY query
>> handling vulnerability) immediately if you have not already done so.
>> 
>> You can find instructions here:
>> https://kb.isc.org/article/AA-01272
>> 
>> Please contact your OS vendor or BIND package vendor if you don't have a
>> fix. Updated packages ought to be available by now in popular OS
>> distributions. Alternately, you can email ISC for a patch.
>> 
>> An exploit was released publicly (and very unwisely) by an unrelated
>> party. There's reason to believe that this is actively being used now.
>> Please upgrade.
>> 
>> 		Mukund
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>> dns-jobs mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> 
> Regards,
> Kabindra Shrestha
> 

Regards,

Kabindra Shrestha
Packet Clearing House
Office	:  +1 415 831-3111
Peering	:  +1 415 247-7337	peering at pch.net
Noc		:  +1 415 247-7337	noc at pch.net
http://www.pch.net/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.npix.net.np/pipermail/members-pts/attachments/20150803/40a77b10/attachment.pgp>