The Internet Systems Consortium has released maintenance updates for BIND 9, including versions 9.18.49 and 9.20.23 for production environments, and 9.21.22 as an experimental version, all addressing six security vulnerabilities. Administrators are advised to apply these patches promptly to mitigate risks such as cache poisoning and denial of service attacks, ensuring to verify cryptographic signatures and review release notes for deprecated syntax. The stable versions 9.18.49 and 9.20.23 are recommended for most deployments, while the experimental 9.21.22 should only be used in non-production settings for testing new features. Users should be cautious of their environment's compatibility, verify downloads, and monitor system logs after installation to avoid unexpected issues

BIND 9.18.49, 9.20.23, and 9.21.22 released

The Internet Systems Consortium just dropped maintenance updates for BIND 9, with versions 9.18.49 and 9.20.23 targeting production environments while 9.21.22 remains experimental. These releases patch six security vulnerabilities that could otherwise leave DNS servers open to cache poisoning or denial of service attacks. Administrators should verify the cryptographic signatures before compiling from source and carefully review the release notes for any deprecated configuration syntax that might break existing setups. Official packages and container images will roll out later today, but sticking to the stable branches and testing thoroughly in a staging environment remains the only sensible approach.

BIND 9.18.49, 9.20.23, and 9.21.22 released @ Linux Compatible