Shanker typed:
>
> I got in touch with Atul and this is what he had to say on Bind -
> Bind in 6.1 is not broken. The way RH sets up your hosts file is
> broken
> (refer my FAQ), and it confuses my pcqupdt script.
That was the "slight" problem I was referring to in my last message -
(The one which I said Atul talked about in the ILUG-BLR Nov or Dec meet..)
>
> Note, however, that bind in RHL 6.0 is *insecure* and is a major security
> hole. It was because of holes like these that we never put out an RHL
> 6.0 CD - as far as I remember, RH released three new versions of bind
> before they got it right, and just after that released RHL 6.1.
>
> I recommend that anyone using bind should be running 8.2.2 or later
> (RHL 6.1 ships with 8.2.2).
I think Atul has got things a little bit mixed up here..RH 6.1 (and the
PCQ Nov CD) shipped with Bind 8.2.1-7. The security advisories on this
version of Bind came out *after* the PCQ version was released (sometime
in late Oct99)..The security advisory had recommended upgrading to Bind
version 8.2.2-P3 ..
A couple of days back there was a msg from Suresh (Cauce) in this thread
mentioning that 8.2.2-P3 too has security holes.. I haven't checked
up with the Bind official site - but then I suppose Suresh might very
well be right.. Raj hasn't been posting Linux security advisories here
since he got unfairly flamed for it quite a while back :-( , and a lot
of us who don't frequent the security mailing lists / websites are left
in the dark..
Kala
-----------------------------------------------------------------------
The LIH mailing list archives are available at:
http://lists.linux-india.org/cgi-bin/wilma/linux-india-help
