On 10/16/2016 10:28 PM, マスターズ イアン wrote:
I'd like to know if the present version of Bind in CentOS 6 
(bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776.

According tohttps://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) 
as of Sep 2014.

Red Hat continues to maintain their own fork of 9.8 for EL6, and this RHSA https://rhn.redhat.com/errata/RHSA-2016-1944.html says that version of bind you mention does indeed include the fix to that CVE. CentOS is built from the same SRPM's.

john r pierce, recycling bits in santa cruz

CentOS mailing list

Reply via email to