[CentOS] current bind version

Thu Feb 24 02:35:41 UTC 2011
Steve Walsh <steve at nerdvana.net.au>

On 02/24/2011 01:08 PM, Machin, Greg wrote:
>
> Hi.
>
> I have had an enquiry from the Network and Security guy. He wants to 
> know why CentOS 5.5 /RHEL 5 is using a very old version of bind 
> "bind-chroot-9.3.6-4.P1.el5_5.3" when the latest release that has many 
> security fixes is on 9.7.3 . I understand that its to maintain a known 
> stable platform by in introducing new elements etc .. Is there an 
> official explanation / document that  I can direct him to.
>

Hi Greg

Probably an idea to point your N&S guys at the RH 'backporting' Page - 
https://access.redhat.com/security/updates/backporting/?sc_cid=3093

Basically, the version is kept the same to minimise impact on users, 
whilst bugfixes and security errata from future versions are 
'backported' to the version that ships with the relevant RHEL version.

Also worthwhile pointing them at the BIND CVE in the Redhat Bugzilla, 
which advises on the impact on the RHEL versions - 
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0414


Regards

Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110224/f2583b37/attachment-0005.html>