[CentOS] current bind version
Steve Walsh
steve at nerdvana.net.auThu Feb 24 02:35:41 UTC 2011
- Previous message: [CentOS] current bind version
- Next message: [CentOS] current bind version
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 02/24/2011 01:08 PM, Machin, Greg wrote: > > Hi. > > I have had an enquiry from the Network and Security guy. He wants to > know why CentOS 5.5 /RHEL 5 is using a very old version of bind > "bind-chroot-9.3.6-4.P1.el5_5.3" when the latest release that has many > security fixes is on 9.7.3 . I understand that its to maintain a known > stable platform by in introducing new elements etc .. Is there an > official explanation / document that I can direct him to. > Hi Greg Probably an idea to point your N&S guys at the RH 'backporting' Page - https://access.redhat.com/security/updates/backporting/?sc_cid=3093 Basically, the version is kept the same to minimise impact on users, whilst bugfixes and security errata from future versions are 'backported' to the version that ships with the relevant RHEL version. Also worthwhile pointing them at the BIND CVE in the Redhat Bugzilla, which advises on the impact on the RHEL versions - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0414 Regards Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110224/f2583b37/attachment-0001.html>
- Previous message: [CentOS] current bind version
- Next message: [CentOS] current bind version
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list