On 2015-03-14 08:01 AM, Jacco Ligthart wrote:
On 02/20/2015 02:50 PM, Chris Szilagyi wrote:
Greetings,
Looks like there was a somewhat serious security vulnerability
discovered with bind a couple of days ago which could result in remote
DoS type attacks. Were there any plans to update the bind packages
from upstream?
https://kb.isc.org/article/AA-01235/74/CVE-2015-1349%3A-A-Problem-with-Trust-Anchor-Management-Can-Cause-named-to-Crash.html
Thank you again for your great support.
Hi Chris,
This week upstream provided patches for this.
Today I compiled them for RSEL6 (updates-testing). This can be found
here: http://cdn.opensxce.org/redsleeve/el6/updates-testing/
Note that I did only test the resolver side till now.
Jacco
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
Jacco,
Thank you very much for the followup on this. I've applied the updates
to my environment and so far so good. We have authoritative and caching
nameservers and they are working fine.
All the Best,
--
Chris
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
