bind has been updated to version 9.9.6P1, fixing the following security
issue:
* A flaw in delegation handling could be exploited to put named into
an infinite loop. This has been addressed by placing limits on the
number of levels of recursion named will allow (default 7), and the
number of iterative queries that it will send (default 50) before
terminating a recursive query (CVE-2014-8500, bnc#908994).
* The recursion depth limit is configured via the "max-recursion-depth"
option, and the query limit via the "max-recursion-queries" option.
Additionally, two non-security issues have been fixed:
* bnc#882511: Fix a multi-thread issue with IXFR.
* bnc#743758: Fix handling of TXT records in ldapdump.
Security Issues:
* CVE-2014-8500
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500</a>>