BIND 9.6.0-P1 is now available. BIND 9.6.0-P1 is a SECURITY patch for BIND 9.6.0. It addresses a bug in which return values from some OpenSSL functions were left unchecked, making it theoretically possible to spoof answers from some signed zones. Bugs should be reported to bind9-bugs@isc.org. BIND 9.6.0-P1 can be downloaded from ftp://ftp.isc.org/isc/bind9/9.6.0-P1/bind-9.6.0-P1.tar.gz The PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind9/9.6.0-P1/bind-9.6.0-P1.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/bind-9.6.0-P1.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/bind-9.6.0-P1.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at . A binary kit for Windows XP and Window 2003 is at ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.zip ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.debug.zip The PGP signature of the binary kit for Windows XP and Window 2003 is at ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.zip.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.0-P1/BIND9.6.0-P1.debug.zip.sha512.asc Changes since 9.6.0: 2522. [security] Handle -1 from DSA_do_verify() and EVP_verify().