1 <!-- 2 Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 4 SPDX-License-Identifier: MPL-2.0 5 6 This Source Code Form is subject to the terms of the Mozilla Public 7 License, v. 2.0. If a copy of the MPL was not distributed with this 8 file, you can obtain one at https://mozilla.org/MPL/2.0/. 9 10 See the COPYRIGHT file distributed with this work for additional 11 information regarding copyright ownership. 12 --> 13 # Security Policy 14 15 ISC's Security Vulnerability Disclosure Policy is documented in the 16 relevant [ISC Knowledgebase article][1]. 17 18 ## Reporting possible security issues 19 20 If you think you may be seeing a potential security vulnerability in BIND (for 21 example, a crash with a REQUIRE, INSIST, or ASSERT failure), please report it 22 immediately by [opening a confidential GitLab issue][2]. If a GitLab issue is 23 not an option, please use the template from the file 24 .gitlab/issue_templates/Security_issue.mde-mail and send it to 25 bind-security (a] isc.org. 26 27 Please do not discuss undisclosed security vulnerabilities on any public 28 mailing list. ISC has a long history of handling reported 29 vulnerabilities promptly and effectively and we respect and acknowledge 30 responsible reporters. 31 32 If you have a crash, you may want to consult the Knowledgebase article 33 entitled ["What to do if your BIND or DHCP server has crashed"][3]. 34 35 ## Reporting bugs 36 37 We are working with the interests of the greater Internet at heart, and 38 we hope you are too. In that vein, we do not offer bug bounties. If you 39 think you have found a bug in any ISC software, we encourage you to 40 [report it responsibly][2]; if verified, we will be happy to credit you 41 in our Release Notes. 42 43 [1]: https://kb.isc.org/docs/aa-00861 44 [2]: https://gitlab.isc.org/isc-projects/bind9/-/issues/new?issue[confidential]=true&issuable_template=Security_issue 45 [3]: https://kb.isc.org/docs/aa-00340 46
Indexes created Tue Apr 14 00:22:26 UTC 2026