BIND 9.4.3-P2 is now available. BIND 9.4.3-P2 is a SECURITY patch for BIND 9.4.3. It addresses a bug in DNSSEC lookaside validation (DLV): unrecognized signature algorithms, which should have been treated as the equivalent of an unsigned zone, were instead treated as a validation failure. Bugs should be reported to bind9-bugs@isc.org. BIND 9.4.3-P2 can be downloaded from ftp://ftp.isc.org/isc/bind9/9.4.3-P2/bind-9.4.3-P2.tar.gz The PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind9/9.4.3-P2/bind-9.4.3-P2.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/bind-9.4.3-P2.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/bind-9.4.3-P2.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at . A binary kit for Windows XP, Windows 2003 and Windows 2008 is at ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.zip ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.debug.zip The PGP signature of the binary kit is at ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.zip.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.4.3-P2/BIND9.4.3-P2.debug.zip.sha512.asc Changes since 9.4.3-P1: --- 9.4.3-P2 released --- 2579. [bug] DNSSEC lookaside validation failed to handle unknown algorithms. [RT #19479]