<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#ffffff">
    <br>
    On 02/24/2011 01:08 PM, Machin, Greg wrote:
    <blockquote
      cite="mid:5A60B6471183E64BBD45354D494DD609025D2097@GARFIELD.topnz.ac.nz"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 12 (filtered
        medium)">
      <style>
<!--
 /* Font Definitions */
 @font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:"Arial CYR";}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";}
.MsoChpDefault
        {mso-style-type:export-only;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
        {page:WordSection1;}
-->
</style><!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
 <o:shapelayout v:ext="edit">
  <o:idmap v:ext="edit" data="1" />
 </o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal">Hi.<o:p></o:p></p>
        <p class="MsoNormal">I have had an enquiry from the Network and
          Security guy. He
          wants to know why CentOS 5.5 /RHEL 5 is using a very old
          version of bind “bind-chroot-9.3.6-4.P1.el5_5.3”
          when the latest release that has many security fixes is on
          9.7.3 . I understand
          that its to maintain a known stable platform by in introducing
          new elements etc
          .. Is there an official explanation / document that  I can
          direct him to.<o:p></o:p></p>
      </div>
    </blockquote>
    <br>
    Hi Greg<br>
    <br>
    Probably an idea to point your N&S guys at the RH 'backporting'
    Page -
    <a class="moz-txt-link-freetext" href="https://access.redhat.com/security/updates/backporting/?sc_cid=3093">https://access.redhat.com/security/updates/backporting/?sc_cid=3093</a><br>
    <br>
    Basically, the version is kept the same to minimise impact on users,
    whilst bugfixes and security errata from future versions are
    'backported' to the version that ships with the relevant RHEL
    version.<br>
    <br>
    Also worthwhile pointing them at the BIND CVE in the Redhat
    Bugzilla, which advises on the impact on the RHEL versions -
    <a class="moz-txt-link-freetext" href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0414">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0414</a><br>
    <br>
    <br>
    Regards<br>
    <br>
    Steve<br>
  </body>
</html>