Paul Seward <paul.sew...@bristol.ac.uk> wrote: > > I thought I might get that sort of response, I'm not so much asking for a > fix as asking how I can find more information.
It'll be one of the 42 CVEs in the table at the top of this page: https://kb.isc.org/article/AA-00913/74/BIND-9-Security-Vulnerability-Matrix.html I think all of them probably apply to the version you are running. However you are running a version with Red Hat's mystery meat patches, so the vulnerabilities in what you are running won't match the nominal ISC version number. If you are running a service based on Red Hat's code, you should really be paying for support from Red Hat. If that isn't an option, use Carl Byington's RPMs instead. > but until then I need to show management that I've done my due diligence > into investigating the root cause. Well the root cause is that your management aren't supporting your routine security patch process! Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode North Shannon, Rockall, Malin, South Hebrides: Variable, mainly easterly at first, 3 or 4. Slight or moderate. Fair. Good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
