K 10
svn:author
V 5
dougb
K 8
svn:date
V 27
2010-07-17T07:54:40.000000Z
K 7
svn:log
V 705
Updgrade to version 9.7.1-P2 which addresses a DNSSEC-related bug.

If a query is made explicitly for a record of type 'RRSIG' to a validating
recursive server running BIND 9.7.1 or 9.7.1-P1, and the server has one or
more trust anchors configured statically and/or via DLV, then if the answer
is not already in cache, the server enters a loop which repeatedly generates
queries for RRSIGs to the authoritative servers for the zone containing the
queried name.

CVE:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0213
CERT:	http://www.kb.cert.org/vuls/id/211905

Versions affected:	9.7.1, 9.7.1-P1
Severity:		High
Exploitable:		remotely

http://www.isc.org/software/bind/advisories/cve-2010-0213

END