2018-09-20 - News - Tony Finch
Yesterday, isc.org announced patch releases of BIND
I have upgraded our DNS servers to 9.12.2-P2 mainly to address the referral interoperability problem, though we have not received any reports that this was causing noticable difficulties.
There is a security issue related to Kerberos authenticated DNS updates; I'll be interested to hear if anyone in the University is using this feature!
Those interested in DNSSEC may have spotted the inline-signing bug that is
fixed by these patches. We do not use inline-signing but instead use
nsdiff
to apply changes to signed zones, and I believe this is also true
for the signed zones run by Maths and the Computer Lab.