Internet Systems Consortium (ISC)
@isc.org
Developer and maintainer of open source Internet Infrastructure software: BIND, Kea and DHCP. Operator of DNS root (F-root).
Open source for an open Internet.
Open source for an open Internet.
Please note that both versions address a vulnerability in kea-dhcp4; see kb.isc.org/docs/cve-202....
CVE-2025-11232: Invalid characters cause assert
kb.isc.org
October 29, 2025 at 2:16 PM
Please note that both versions address a vulnerability in kea-dhcp4; see kb.isc.org/docs/cve-202....
In addition to bug fixes and feature improvements, these releases also contain fixes for security vulnerabilities (CVE-2025-8677, CVE-2025-40778, CVE-2025-40780):
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
CVE-2025-8677: Resource exhaustion via malformed DNSKEY handling
kb.isc.org
October 22, 2025 at 2:06 PM
In addition to bug fixes and feature improvements, these releases also contain fixes for security vulnerabilities (CVE-2025-8677, CVE-2025-40778, CVE-2025-40780):
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
Development versions are not intended for production use, but we encourage you to try it out in a test environment.
Stork 2.3.1 includes upgrades to the UI, improvements to BIND 9 management, security and build improvements, plus several bug fixes.
Stork 2.3.1 includes upgrades to the UI, improvements to BIND 9 management, security and build improvements, plus several bug fixes.
October 15, 2025 at 2:25 PM
Development versions are not intended for production use, but we encourage you to try it out in a test environment.
Stork 2.3.1 includes upgrades to the UI, improvements to BIND 9 management, security and build improvements, plus several bug fixes.
Stork 2.3.1 includes upgrades to the UI, improvements to BIND 9 management, security and build improvements, plus several bug fixes.
With this release we re-introduced RPM packages for Fedora into our Copr repositories (copr.fedorainfracloud.org/coprs/isc/bi...).
isc/bind
Copr
copr.fedorainfracloud.org
September 10, 2025 at 6:11 PM
With this release we re-introduced RPM packages for Fedora into our Copr repositories (copr.fedorainfracloud.org/coprs/isc/bi...).
Please note that CVE-2025-8696 also affects the current Stork development version, 2.3.0. Anyone who has Stork 2.3.0 deployed is advised to employ mitigations until 2.3.1 is released, currently planned for October 6, 2025.
September 10, 2025 at 3:40 PM
Please note that CVE-2025-8696 also affects the current Stork development version, 2.3.0. Anyone who has Stork 2.3.0 deployed is advised to employ mitigations until 2.3.1 is released, currently planned for October 6, 2025.
In addition to bug fixes and feature improvements, this release also contains a fix for a security vulnerability (CVE-2025-8696), about which more information is provided in the following Security Advisory:
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
CVE-2025-8696: DoS attack against the Stork UI from an unauthenticated user
kb.isc.org
September 10, 2025 at 3:39 PM
In addition to bug fixes and feature improvements, this release also contains a fix for a security vulnerability (CVE-2025-8696), about which more information is provided in the following Security Advisory:
kb.isc.org/docs/cve-202...
kb.isc.org/docs/cve-202...
Please note that both versions address CVE-2025-40779 (kb.isc.org/docs/cve-202...).
CVE-2025-40779: Kea crash upon interaction between specific client options and subnet selection
kb.isc.org
August 27, 2025 at 8:34 PM
Please note that both versions address CVE-2025-40779 (kb.isc.org/docs/cve-202...).
This release introduces support for RHEL 10. Enterprise Linux 10 RPMs are available in Copr (copr.fedorainfracloud.org/coprs/isc/bi...).
isc/bind
Copr
copr.fedorainfracloud.org
August 20, 2025 at 3:00 PM
This release introduces support for RHEL 10. Enterprise Linux 10 RPMs are available in Copr (copr.fedorainfracloud.org/coprs/isc/bi...).
This release contains new features such as support for PowerDNS; RPZ and RRs in zone views; better parsing of BIND configs; and more.
Development versions are not suitable for production use. We look forward to receiving your feedback.
Development versions are not suitable for production use. We look forward to receiving your feedback.
August 13, 2025 at 4:44 PM
This release contains new features such as support for PowerDNS; RPZ and RRs in zone views; better parsing of BIND configs; and more.
Development versions are not suitable for production use. We look forward to receiving your feedback.
Development versions are not suitable for production use. We look forward to receiving your feedback.
Packages for Kea 3.1.0 are available from our Cloudsmith repository at app.cloudsmith.com/isc/kea-dev .
KNOWN ISSUE with regard to upgrading on Debian systems: you must now use Meson to build the software.
KNOWN ISSUE with regard to upgrading on Debian systems: you must now use Meson to build the software.
Cloudsmith
Cloudsmith is a universal, cloud-native solution for software artifact management and software supply chain security. Start your free trial today.
app.cloudsmith.com
July 30, 2025 at 1:38 PM
Packages for Kea 3.1.0 are available from our Cloudsmith repository at app.cloudsmith.com/isc/kea-dev .
KNOWN ISSUE with regard to upgrading on Debian systems: you must now use Meson to build the software.
KNOWN ISSUE with regard to upgrading on Debian systems: you must now use Meson to build the software.
Packaging Changes
In addition to Kea 2.6.4, we have rebuilt packages for some existing versions. Users who have successfully installed and are running Kea 2.4.2 or 3.0.0 do not need to update: the new packages address issues that sometimes prevented successful installation and operation.
In addition to Kea 2.6.4, we have rebuilt packages for some existing versions. Users who have successfully installed and are running Kea 2.4.2 or 3.0.0 do not need to update: the new packages address issues that sometimes prevented successful installation and operation.
July 17, 2025 at 5:00 PM
Packaging Changes
In addition to Kea 2.6.4, we have rebuilt packages for some existing versions. Users who have successfully installed and are running Kea 2.4.2 or 3.0.0 do not need to update: the new packages address issues that sometimes prevented successful installation and operation.
In addition to Kea 2.6.4, we have rebuilt packages for some existing versions. Users who have successfully installed and are running Kea 2.4.2 or 3.0.0 do not need to update: the new packages address issues that sometimes prevented successful installation and operation.
Maintenance of Kea 2.4.2 ended with the release of Kea 3.0.0. Please make plans to update to the 2.6 or 3.0 versions.
July 17, 2025 at 4:59 PM
Maintenance of Kea 2.4.2 ended with the release of Kea 3.0.0. Please make plans to update to the 2.6 or 3.0 versions.