Larry Vaden
2011-Feb-23 17:27 UTC
[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability-advisory-issued
US-CERT encourages users and administrators using the affected versions of BIND to upgrade to BIND 9.7.3. Optionally, one can wait on a backport.
Brunner, Brian T.
2011-Feb-23 17:45 UTC
[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability-advisory-issued
> -----Original Message----- > From: centos-bounces at centos.org > [mailto:centos-bounces at centos.org] On Behalf Of Larry Vaden > Sent: Wednesday, February 23, 2011 12:27 PM > To: CentOS mailing list > Subject: > [CentOS]http://www.securityweek.com/high-severity-bind-vulnera > bility-advisory-issued > > US-CERT encourages users and administrators using the affected > versions of BIND to upgrade to BIND 9.7.3. > > Optionally, one can wait on a backport.Optionally, start BIND with the parameter to restrict BIND to one thread (-n 1). This prevents the deadlock which, though fatal to BIND when it happens, is a remote probability. ******************************************************************* This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated**
m.roth at 5-cent.us
2011-Feb-23 17:55 UTC
[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability-advisory-issued
Larry Vaden wrote:> US-CERT encourages users and administrators using the affected > versions of BIND to upgrade to BIND 9.7.3. > > Optionally, one can wait on a backport.Larry, go away. You don't seem to contribute anything at all to the list, other than your obnoxiousness, and your desire to start flamewars, which presumably give you some kind of jollies. Yes, most of us saw this today on slashdot, if nowhere else. I would expect RH to have the fix out in a day or two, and CentOS to have it out the same day. mark
Markus Falb
2011-Feb-23 18:07 UTC
[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability-advisory-issued
On 23.2.2011 18:27, Larry Vaden wrote:> US-CERT encourages users and administrators using the affected > versions of BIND to upgrade to BIND 9.7.3. > > Optionally, one can wait on a backport.Ahhh! Have a look at the relevant bugzilla ticket at https://bugzilla.redhat.com/show_bug.cgi?id=679496 and read ...snip This issue did not affect the versions of bind as shipped with Red Hat Enterprise Linux 4, 5, or 6. snap... -- Best Regards, Markus Falb -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 267 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20110223/9259e1db/attachment.sig>
James B. Byrne
2011-Feb-24 17:48 UTC
[CentOS] http://www.securityweek.com/high-severity-bind-vulnerability- advisory-issued
On Wed, February 23, 2011 13:07, Markus Falb wrote:> On 23.2.2011 18:27, Larry Vaden wrote: >> US-CERT encourages users and administrators using the affected >> versions of BIND to upgrade to BIND 9.7.3. >> >> Optionally, one can wait on a backport. > > Ahhh! > > Have a look at the relevant bugzilla ticket at > https://bugzilla.redhat.com/show_bug.cgi?id=679496 > and read > > ...snip > This issue did not affect the versions of bind as shipped with > Red Hat Enterprise Linux 4, 5, or 6. > snap...I guess this is what you you get when you settle for an 'enterprisey' distro. Dated software that somebody else got to find the bugs in. Poor chaps. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3