[BlueOnyx:18118] Re: BIND security update
Matt James
matt at rainstorminc.com
Wed Jul 29 14:10:15 -05 2015
Hi Michael,
Great, thanks! Do you have a sense for how 5107R faired or how I can find out?
--
Matt James
RainStorm, Inc <http://rainstorminc.com/>
(207) 866-3908 x54
> On Jul 29, 2015, at 2:08 PM, Michael Stauber <mstauber at blueonyx.it> wrote:
>
> Hi Matt,
>
>
>> We recently heard about security updates to address a vulnerability in BIND: https://kb.isc.org/article/AA-01272
>>
>> Do we know what versions (if any) of BlueOnyx might be susceptible?
>
>> From the version numbers listed at https://kb.isc.org/article/AA-01272 I
> would assume that Bind on all BlueOnyx versions would be affected.
>
> I can see that the Bind on 5209R already seems to be fixed:
>
> #> rpm -q --changelog bind |more
> * Mo Jul 27 2015 Florian Weimer <fweimer at redhat.com> - 32:9.9.4-18.3
> - Fix CVE-2015-5477
>
> I checked the changlog of the BIND RPMs on CentOS6/SL6 and CentOS5 and
> couldn't find such a reference to a fix for CVE-2015-5477.
>
> So I checked at RedHat:
>
> https://access.redhat.com/security/cve/CVE-2015-5477
>
> It looks like they published updated BIND versions for EL5, EL6 and EL7.
> But CentOS only managed to push out the CentOS7 version of it.
>
> I'd assume the CentOS5 & 6 versions will be out pretty soon. If they
> have nothing within the next 36 hours I'll grab the RedHat SRPMs and
> will build updated BIND RPMs to distribute them via the BlueOnyx YUM
> repository. Wouldn't be the first time.
>
> --
> With best regards
>
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20150729/4ef7d087/attachment.html>
More information about the Blueonyx
mailing list