BIND 9.12.2-P2 and other patch releases

2018-09-20 - News - Tony Finch

Yesterday, announced patch releases of BIND

I have upgraded our DNS servers to 9.12.2-P2 mainly to address the referral interoperability problem, though we have not received any reports that this was causing noticable difficulties.

There is a security issue related to Kerberos authenticated DNS updates; I'll be interested to hear if anyone in the University is using this feature!

Those interested in DNSSEC may have spotted the inline-signing bug that is fixed by these patches. We do not use inline-signing but instead use nsdiff to apply changes to signed zones, and I believe this is also true for the signed zones run by Maths and the Computer Lab.