BIND9 CVE-2019-6475 and CVE-2019-6476

[ISC Security Officer <security-officer () isc org>]

Today (2019-10-16) ISC announced two vulnerabilities in our BIND 9 software.

   CVE-2019-6475, a DNSSEC validation bypass for mirror zones

   CVE-2019-6476, a flaw in QNAME minimization that can lead to
                  an assertion failure.

These issues affect all prior BIND 9.14 releases and all prior BIND 9.15
releases.

Our full CVE text can be found at:
   https://kb.isc.org/docs/cve-2019-6475
   https://kb.isc.org/docs/cve-2019-6476

New releases of BIND, including security fixes for this vulnerability,
are available at: www.isc.org/downloads/

Release notes for the new versions can be obtained using the following
links:

https://downloads.isc.org/isc/bind9/9.15.5/RELEASE-NOTES-bind-9.15.5.html
https://downloads.isc.org/isc/bind9/9.14.7/RELEASE-NOTES-bind-9.14.7.html

-- 
Brian Conry
ISC Support
Acting Security Officer

Attachment: signature.asc
Description: OpenPGP digital signature