Bind Vulnerability on CentOS

[redesb]

For all those security paranoics like I, so far we can be calm with the present version of bind (9.2.4-16.EL4) in CentOS 4.x, see bellow:

Description extract of Vulnerability Note VU#697164:

Note that although BIND versions 9.2.x also contain the underlying flaw that causes this vulnerability, ISC reports that the vulnerability is not exposed by these versions. Nonetheless, ISC has provided a patch for these versions as well.

Description extract of Vulnerability Note VU#915404:

This vulnerability affects BIND 9.3.x versions 9.3.0, 9.3.1, 9.3.2, 9.3.3b, and 9.3.3rc1, and BIND 9.4.x versions 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6, and 9.4.0b1.

Click the links to read all the text of Vulnerability Note VU#697164 or Vulnerabilit Note VU#915404

Regards

 

[eymbo]

To update bind run:

yum upgrade bind*

then:

service named restart

 

[redesb]

eymbo,

Have you read the post ?

Until the moment if you try to update bind there is no update in the official repos.

I believe that because the mantainers of the CentOS distro at the moment do not judge it necessary, read the previous message please.

Note: 'yum upgrade' is not a yum command, see the output of 'yum --help', perhaps you meant 'yum update'.

 

[eymbo]

eymbo,

Have you read the post ?

Until the moment if you try to update bind there is no update in the official repos.

I believe that because the mantainers of the CentOS distro at the moment do not judge it necessary, read the previous message please.

Note: 'yum upgrade' is not a yum command, see the output of 'yum --help', perhaps you meant 'yum update'.

Ah sorry about, however yum upgrade is a command, it's not listed. It works if you try it, either update or upgrade works fine