[CentOS] Any update on 5.6 / 6?

Fri Feb 18 20:50:11 UTC 2011
Larry Vaden <vaden at texoma.net>

On Fri, Feb 18, 2011 at 2:19 PM, Always Learning <centos at g7.u22.net> wrote:
>
> Larry, please take my advice and get help or, at the very least, talk to
> someone about the matters troubling you. It is bad to hold everything
> inside you. Please share your problems with someone you can relate to.
> It is for your own benefit.

Paul,  I did as you suggest.  An extract of said post is below the
sig.  There wasn't a single response (I could be wrong about that, but
don't believe that is the case at this time).

kind regards/ldv/vaden at texoma.net

---------- Forwarded message ----------
From: Larry Vaden <vaden at texoma.net>
Date: Sun, Jan 23, 2011 at 8:03 PM
Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5?
To: centos at centos.org


Our site running Centos 4.8 and 5.5 name servers was hacked with the
result that www.yahoo.com is now within our /19 and causing some
grief.
Google hasn't led me to an RPM for bind-9.7.2-P3 nor has the search
facility at centos.org.  However, it is obvious from said searches
that Mandriva upgraded last year.
An attempt to install bind-9.7.2-P3 from source yields the warning
below the sig for both 4.8 and 5.5 machines.
Does anyone know of RPMs that address the security issues involved?
RANT: does anyone know of the upstream's justification for providing
such old code?
kind regards/ldv
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
WARNING                                                                 WARNING
WARNING         Your OpenSSL crypto library may be vulnerable to        WARNING
WARNING         one or more of the the following known security         WARNING
WARNING         flaws:                                                  WARNING
WARNING                                                                 WARNING
WARNING         CAN-2002-0659, CAN-2006-4339, CVE-2006-2937 and         WARNING
WARNING         CVE-2006-2940.                                          WARNING
WARNING                                                                 WARNING
WARNING         It is recommended that you upgrade to OpenSSL           WARNING
WARNING         version 0.9.8d/0.9.7l (or greater).                     WARNING
WARNING                                                                 WARNING
WARNING         You can disable this warning by specifying:             WARNING
WARNING                                                                 WARNING
WARNING               --disable-openssl-version-check                   WARNING
WARNING                                                                 WARNING
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
[root at shell bind-9.7.2-P3]# cat /etc/redhat-release
CentOS release 5.5 (Final)
[root at shell bind-9.7.2-P3]#