On 02/24/2011 01:08 PM, Machin, Greg wrote:
Hi.
I have had an enquiry from the Network and Security guy. He wants to
know why CentOS 5.5 /RHEL 5 is using a very old version of bind
"bind-chroot-9.3.6-4.P1.el5_5.3" when the latest release that has many
security fixes is on 9.7.3 . I understand that its to maintain a known
stable platform by in introducing new elements etc .. Is there an
official explanation / document that I can direct him to.
Hi Greg
Probably an idea to point your N&S guys at the RH 'backporting' Page -
https://access.redhat.com/security/updates/backporting/?sc_cid=3093
Basically, the version is kept the same to minimise impact on users,
whilst bugfixes and security errata from future versions are
'backported' to the version that ships with the relevant RHEL version.
Also worthwhile pointing them at the BIND CVE in the Redhat Bugzilla,
which advises on the impact on the RHEL versions -
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0414
Regards
Steve
_______________________________________________
CentOS mailing list
[email protected]
http://lists.centos.org/mailman/listinfo/centos
