CentOS

There is a serious flaw with bind9 and ISC has released a patch. This is a major issue. Will CentOS be releasing patched bind packages for 5.x & 6.x systems?If so, is there a timeframe we can expect?

ISC bulletin here:
http://www.isc.org/software/bind/advisories/cve-2011-4313

Story from Sophos here:
http://nakedsecurity.sophos.com/2011/11/16/mystery-flaw-crashing-dns-servers-across-the-internet/

Thanks!

It is a major issue but since the patches have only just been released upstream at ISC, I think it's a bit too soon to be expecting CentOS to produce binaries for patches that Redhat have yet to backport to the versions contained in their distributions. The patches don't even address the issue, they only stop the server from crashing and exiting. So far, the story on this problem is very unclear and no-one yet knows the cause.

And here it is (as far as TUV is concerned):

https://rhn.redhat.com/errata/RHSA-2011-1458.html

It's a wild guess, but I'd expect for CentOS updates to be released sometime tomorrow.

Regards,

CentOS

Issue with bind9 - will a patch be available soon?

Issue with bind9 - will a patch be available soon?

Re: Issue with bind9 - will a patch be available soon?

Issue with bind9 - will a patch be available soon?