BIND 9.12.4-P1 and Ed25519

2019-04-25 - News - Tony Finch

Last night, announced patch releases of BIND

I have upgraded our DNS servers to 9.12.4-P1 to address the TCP socket exhaustion vulnerability.

At the same time I have also relinked BIND with a more recent version of OpenSSL, so it is now able to validate the small number of domains that use the new Ed25519 DNSSEC algorithm.