[CentOS] Updated bind marked as vulnerable
Toby Bluhm
tkb at midwestinstruments.com
Wed Jul 30 18:38:59 UTC 2008
mbneto wrote:
> Hi,
>
> I have a Centos 4.6 machine that even tough has been updated with the
> latest bind 9.2.4-28.0.1.el4 is marked as vulnerable by
> https://www.dns-oarc.net/oarc/services/dnsentropy.
>
> I have another machine which also uses that same distro and is not.
>
> Do I have to do any other update?
>
>
>
Are those boxes directly handling your DNS requests to the internet for
you - i.e. their IPs show up in the test results as the DNS Resolvers?
If yes, probably your named.conf would need to be looked at in the
problem box.
More likely, it's your nameserver in your resolv.conf or the nameserver
of your nameserver that the test site is talking to. You have to bug
whoever runs those boxes about the problem.
--
Toby Bluhm
Alltech Medical Systems America, Inc.
More information about the CentOS
mailing list