[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability- advisory-issued

Thu Feb 24 17:48:11 UTC 2011
James B. Byrne <byrnejb at harte-lyne.ca>

On Wed, February 23, 2011 13:07, Markus Falb wrote:
> On 23.2.2011 18:27, Larry Vaden wrote:
>> US-CERT encourages users and administrators using the affected
>> versions of BIND to upgrade to BIND 9.7.3.
>>
>> Optionally, one can wait on a backport.
>
> Ahhh!
>
> Have a look at the relevant bugzilla ticket at
> https://bugzilla.redhat.com/show_bug.cgi?id=679496
> and read
>
> ...snip
> This issue did not affect the versions of bind as shipped with
> Red Hat Enterprise Linux 4, 5, or 6.
> snap...


I guess this is what you you get when you settle for an
'enterprisey' distro.  Dated software that somebody else got to find
the bugs in.  Poor chaps.



-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3