subject:"\[CentOS\] Is bind\-9.8.2\-0.47.rc1.el6_8.1.x86

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

2016-10-17 Thread マスターズ　イアン

Folks

Thanks for all the replies, especially the one with the rpm -q command in it 
(thanks Phil). I didn't know you could do that with rpm. Very useful indeed.

Regards

Ian
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

2016-10-17 Thread Phil Wyett

On Mon, 2016-10-17 at 14:28 +0900, マスターズ　イアン wrote:
> Hi
> 
> I'd like to know if the present version of Bind in CentOS 6 
> (bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776.
> 
> According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life 
> (EOL) as of Sep 2014.
> 
> Regards
> 
> ian


Hi,

Querying the current bind-libs changelog shows the CVE has been
addressed in the current version.

rpm -q --changelog bind-libs | grep CVE-2016-2776
- Fix CVE-2016-2776

Regards

Phil

-- 

Blog: https://philwyett-hemi.blogspot.co.uk/

GitLab: https://gitlab.com/philwyett_hemi/




signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

2016-10-16 Thread John R Pierce


On 10/16/2016 10:28 PM, マスターズ　イアン wrote:

I'd like to know if the present version of Bind in CentOS 6 
(bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776.

According tohttps://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) 
as of Sep 2014.


Red Hat continues to maintain their own fork of 9.8 for EL6, and this 
RHSA https://rhn.redhat.com/errata/RHSA-2016-1944.html says that version 
of bind you mention does indeed include the fix to that CVE.   CentOS is 
built from the same SRPM's.



--
john r pierce, recycling bits in santa cruz

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

2016-10-16 Thread Eero Volotinen

https://access.redhat.com/security/cve/cve-2016-2776 check versions against
centos package numbers :)

--
Eero

2016-10-17 8:28 GMT+03:00 マスターズ イアン :

> Hi
>
> I'd like to know if the present version of Bind in CentOS 6
> (bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776.
>
> According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life
> (EOL) as of Sep 2014.
>
> Regards
>
> ian
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

2016-10-16 Thread マスターズ　イアン

Hi

I'd like to know if the present version of Bind in CentOS 6 
(bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776.

According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) 
as of Sep 2014.

Regards

ian
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

Re: [CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

[CentOS] Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable

5 matches

Site Navigation

Mail list logo

Footer information