[CentOS] Vulnerabilities to bind-libs bind-utils - possible to remove these on webservers

Mon Jun 24 13:20:27 UTC 2019
Mauricio Tavares <raubvogel at gmail.com>

On Mon, Jun 24, 2019 at 9:07 AM Peda, Allan (NYC-GIS)
<Allan.Peda at interpublic.com> wrote:
> I think the subject says it all.  We don't run named.  It seems there are chronic issues with bind.  Can these packages be removed?
> We locally authenticate. I see this:
> Removing for dependencies:
>  bind-utils
>  ipa-client
>  sssd
>  sssd-ad
>  sssd-ipa
> We shouldn't need any of that with local authentication (/etc passwd and /etc/shadow) right?
      Which packages installed them as dependencies?
> This message contains information which may be confidential and privileged. Unless you are the intended recipient (or authorized to receive this message for the intended recipient), you may not use, copy, disseminate or disclose to anyone the message or any information contained in the message.  If you have received the message in error, please advise the sender by reply e-mail, and delete the message.  Thank you very much.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos