[CentOS] RES: CVE-2016-1285 & CVE-2016-1286

Fri Mar 11 06:11:41 UTC 2016
Alice Wonder <alice at domblogger.net>

Looking at the redhat CVE it looks like *by default config* it is not 
vulnerable except from the localhost.

On 03/10/2016 02:37 PM, Alice Wonder wrote:
> As soon as RHEL does.
>
> On 03/10/2016 02:13 PM, Leonardo Oliveira Ortiz wrote:
>> CentOS will provide an update to fix it?
>>
>> ________________________________________
>> De: centos-bounces at centos.org [centos-bounces at centos.org] em nome de
>> Alice Wonder [alice at domblogger.net]
>> Enviado: quinta-feira, 10 de março de 2016 15:31
>> Para: centos at centos.org
>> Assunto: Re: [CentOS] CVE-2016-1285 & CVE-2016-1286
>>
>> On 03/10/2016 07:13 AM, Michael H wrote:
>>> On 10/03/16 14:47, Leonardo Oliveira Ortiz wrote:
>>>> Hello.
>>>>
>>>> I think Centos are affected, right?
>>>>
>>>> Some update from Centos?
>>>> _______________________________________________
>>>> CentOS mailing list
>>>> CentOS at centos.org
>>>> https://lists.centos.org/mailman/listinfo/centos
>>>>
>>>
>>> Sure looks that way...
>>>
>>> https://access.redhat.com/security/cve/cve-2016-1285
>>> https://access.redhat.com/security/cve/cve-2016-1286
>>>
>>>
>>
>> I don't think NSD is impacted, which is what I use for authoritative
>> nameserver. There's an EPEL package. NSD is authoritative only, which is
>> why I use it.
>>
>> No clue about unbound.
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos