Reference: CERT-EU Security Advisory 2012-0113

Title: Security update available for Bind 9 [1]

Version history:
14.09.2012 Initial publication

Summary
=======

If a record with RDATA in excess of 65535 bytes is loaded into a nameserver, a subsequent query for that record will cause named to exit with an assertion failure.

This vulnerability can be exploited remotely against recursive servers by inducing them to query for records provided by an authoritative server. It affects authoritative servers if a zone containing this type of resource record is loaded from file or provided via zone transfer.

Please Note: Versions of BIND 9.4 and 9.5 are also affected, but these branches are beyond their "end of life" (EOL) and no longer receive testing or security fixes from ISC. For current information on which versions are actively supported, please see http://www.isc.org/software/bind/versions.

CVE Numbers: CVE-2012-4244

CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)

Vulnerable systems
==================

9.0.x -> 9.6.x
9.4-ESV -> 9.4-ESV-R5-P1
9.6-ESV -> 9.6-ESV-R7-P2
9.7.0 -> 9.7.6-P2
9.8.0 -> 9.8.3-P2
9.9.0 -> 9.9.1-P2

What can you do?
================

Upgrade to the patched version or new release most closely related to your current version of BIND. The patched versions of BIND can be downloaded from http://www.isc.org/downloads/all. The new release versions will be available within the next week. [1]

What to tell your users?
========================

N/A

More information
================

[1] https://kb.isc.org/article/AA-00778/74
[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4244
[3] Information about CVSS: http://www.first.org/cvss/cvss-guide.html

Best regards,

CERT-EU (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html
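As an added example (not part of the CERT-EU advisory or ISC's tooling), the following script triages an inventory of BIND version strings against the ranges under "Vulnerable systems". The host names and inventory are constructed, and it assumes versions order by patch number and then by -P level; anything it cannot parse (pre-releases, vendor-suffixed builds that may carry backported fixes) is flagged for a manual check.

```python
import re

# Inclusive upper bounds copied from the advisory's "Vulnerable systems" list.
ESV_MAX = {(9, 4): (5, 1), (9, 6): (7, 2)}                  # branch -> (R, P)
REL_MAX = {(9, 7): (6, 2), (9, 8): (3, 2), (9, 9): (1, 2)}  # branch -> (patch, P)

_ESV = re.compile(r"^(\d+)\.(\d+)-ESV(?:-R(\d+))?(?:-P(\d+))?$")
_REL = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-P(\d+))?$")


def is_listed_vulnerable(version):
    """True/False if the version is inside/outside a listed range, None if it
    cannot be parsed (pre-releases, vendor-suffixed builds): check those by hand."""
    v = re.sub(r"^BIND\s+", "", version.strip())
    m = _ESV.match(v)
    if m:
        branch = (int(m.group(1)), int(m.group(2)))
        level = (int(m.group(3) or 0), int(m.group(4) or 0))
        return branch in ESV_MAX and level <= ESV_MAX[branch]
    m = _REL.match(v)
    if m:
        branch = (int(m.group(1)), int(m.group(2)))
        level = (int(m.group(3)), int(m.group(4) or 0))
        if (9, 0) <= branch <= (9, 6):      # "9.0.x -> 9.6.x": every release
            return True
        return branch in REL_MAX and level <= REL_MAX[branch]
    return None


def triage(inventory):
    """Map each host to 'listed-vulnerable', 'not-listed' or 'manual-check'."""
    labels = {True: "listed-vulnerable", False: "not-listed", None: "manual-check"}
    return {host: labels[is_listed_vulnerable(ver)] for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hosts; strings shaped like `named -v` output).
SAMPLE_INVENTORY = {
    "ns1.example.test": "BIND 9.8.3-P2",
    "ns2.example.test": "BIND 9.6-ESV-R7-P3",
    "ns3.example.test": "BIND 9.9.2",
    "ns4.example.test": "BIND 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

A "not-listed" result only means the string falls outside the ranges printed in this advisory; confirm the installed build against reference [1] before closing the finding.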