On Mon, 2016-10-17 at 14:28 +0900, マスターズ イアン wrote: > Hi > > I'd like to know if the present version of Bind in CentOS 6 (bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776. > > According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) as of Sep 2014. > > Regards > > ian Hi, Querying the current bind-libs changelog shows the CVE has been addressed in the current version. rpm -q --changelog bind-libs | grep CVE-2016-2776 - Fix CVE-2016-2776 Regards Phil -- Blog: https://philwyett-hemi.blogspot.co.uk/ GitLab: https://gitlab.com/philwyett_hemi/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20161017/d9d6217d/attachment-0005.sig>