2015-12-17 - News - Tony Finch
On Tuesday night the ISC published security releases of BIND which fix a couple of remote denial of service vulnerabilities. If you are running a recursive DNS server then you should update as soon as possible.
If you build your own BIND packages linked to OpenSSL 1.0.1 or 1.0.2 then you should also be aware of the OpenSSL security release that occurred earlier this month. The new versions of BIND will refuse to build with vulnerable versions of OpenSSL.
For more information see the bind-announce list, https://lists.isc.org/pipermail/bind-announce/2015-December/thread.html
The central nameservers and the resolvers on the central mail relays were updated to BIND 9.10.3-P2 earlier today.