On 10/16/2016 10:28 PM, マスターズ イアン wrote:
I'd like to know if the present version of Bind in CentOS 6 
(bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776.

According tohttps://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) 
as of Sep 2014.

Red Hat continues to maintain their own fork of 9.8 for EL6, and this RHSA https://rhn.redhat.com/errata/RHSA-2016-1944.html says that version of bind you mention does indeed include the fix to that CVE. CentOS is built from the same SRPM's.


--
john r pierce, recycling bits in santa cruz

_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Reply via email to