[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability-advisory-issued

Larry Vaden vaden at texoma.net
Wed Feb 23 19:21:23 UTC 2011


On Wed, Feb 23, 2011 at 1:03 PM, James Hogarth <james.hogarth at gmail.com> wrote:
>
> Except that this issue does not affect BIND in rhel and thus CentOS
> therefore making it yet more pointless drivel from the OP.

Please take off the blinders and realize there are lots of folks (some
x% of a million or more) on this list who compile from current source
in order to minimize their risks and are therefore the subject
audience.

On the one hand, you have Paul Vixie and crew (authors of BIND) and
US_CERT saying "US-CERT encourages users and administrators using the
affected versions of BIND to upgrade to BIND 9.7.3."  On the other
hand, you have "don't bother me with reality, I'm comfortable, am not
affected and don't want to read messages to those who are affected."

Wisdom from a top security manager at Internet2 was presented on this
list.  Ignore his advice all you want.



More information about the CentOS mailing list