ISC has sent a brief notification about a flaw affecting bind 9 versions to be disclosed on Jun 4. CVE-2012-1667 was assigned to this issue, but there are no other details currently available about this flaw.
Public now via upstream advisory. The flaw is in the handling of the zero length rdata records, which may trigger named crash, memory disclosure, or zone data corruption in certain configurations. This primarily affects recursive resolvers.
Issue was fixed in upstream versions: 9.6-ESV-R7-P1, 9.7.6-P1, 9.8.3-P1, and 9.9.1-P1
External Reference: http://www.isc.org/software/bind/advisories/cve-2012-1667
Created bind tracking bugs for this issue
Affects: fedora-all [bug 828273]
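For triage on a resolver that cannot be patched immediately, the sketch below parses a captured DNS response in wire format and lists resource records whose RDLENGTH is 0. It is an added example, not code from this bug report or from ISC. The report does not say which record types are affected, so skipping OPT (type 41, normally empty) is an assumption, and the sample message is constructed.

```python
import struct

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:              # compression pointer
            end = end or off + 2               # resume after the first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 32:
                raise ValueError("compression pointer loop")
        elif length == 0:
            return ".".join(labels) + ".", end or off + 1
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii", "replace"))
            off += 1 + length

def zero_length_records(msg):
    """Return (section, owner, rrtype) for every RR whose RDLENGTH is 0."""
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        _, off = read_name(msg, off)
        off += 4                               # QTYPE + QCLASS
    hits = []
    for section, count in zip(("answer", "authority", "additional"), (an, ns, ar)):
        for _ in range(count):
            owner, off = read_name(msg, off)
            rrtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            off += 10 + rdlen
            if off > len(msg):
                raise ValueError("truncated record")
            if rdlen == 0 and rrtype != 41:    # assumption: ignore empty OPT (EDNS)
                hits.append((section, owner, rrtype))
    return hits

# Constructed sample: one normal A record, one TXT (type 16) with empty RDATA,
# and an empty OPT pseudo-record in the additional section.
SAMPLE = (
    struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 1)
    + b"\x07example\x04test\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    + b"\xc0\x0c" + struct.pack("!HHIH", 16, 1, 60, 0)
    + b"\x00" + struct.pack("!HHIH", 41, 4096, 0, 0)
)

if __name__ == "__main__":
    print(zero_length_records(SAMPLE))
```

Feed it the UDP payload of each response seen by the resolver; a hit is a lead for review, not proof of an attack.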
US-CERT Vulnerability Note VU#381699: http://www.kb.cert.org/vuls/id/381699
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2012:0717 https://rhn.redhat.com/errata/RHSA-2012-0717.html
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Via RHSA-2012:0716 https://rhn.redhat.com/errata/RHSA-2012-0716.html
bind-9.9.1-2.P1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
Upstream has released a FAQ with some further information on this flaw: https://kb.isc.org/article/AA-00703/0/CVE-2012-1667-FAQ-and-Supplemental-Information.html
bind-9.8.3-2.P1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
bind-9.8.3-2.P1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products:
Red Hat Enterprise Linux 4 Extended Lifecycle Support
Via RHSA-2012:1110 https://rhn.redhat.com/errata/RHSA-2012-1110.html