Issue with bind9 - will a patch be available soon?

Installing, Configuring, Troubleshooting server daemons such as Web and Mail

Issue with bind9 - will a patch be available soon?

Postby johannscv » 2011/11/16 23:20:44

There is a serious flaw with bind9 and ISC has released a patch. This is a major issue. Will CentOS be releasing patched bind packages for 5.x & 6.x systems?If so, is there a timeframe we can expect?

ISC bulletin here:
http://www.isc.org/software/bind/adviso ... -2011-4313

Story from Sophos here:
http://nakedsecurity.sophos.com/2011/11 ... -internet/

Thanks!
johannscv
 
Posts: 4
Joined: 2011/11/16 23:10:29

Re: Issue with bind9 - will a patch be available soon?

Postby TrevorH » 2011/11/17 00:05:33

It is a major issue but since the patches have only just been released upstream at ISC, I think it's a bit too soon to be expecting CentOS to produce binaries for patches that Redhat have yet to backport to the versions contained in their distributions. The patches don't even address the issue, they only stop the server from crashing and exiting. So far, the story on this problem is very unclear and no-one yet knows the cause.
User avatar
TrevorH
Forum Moderator
 
Posts: 9166
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Issue with bind9 - will a patch be available soon?

Postby milosb » 2011/11/17 20:51:44

And here it is (as far as TUV is concerned):

https://rhn.redhat.com/errata/RHSA-2011-1458.html

It's a wild guess, but I'd expect for CentOS updates to be released sometime tomorrow.

Regards,
milosb
 
Posts: 661
Joined: 2009/01/18 00:39:15
Location: 44 49′14″N 20 27′44″E


Return to CentOS 5 - Server Support

Who is online

Users browsing this forum: No registered users and 1 guest