My apologies. I now realize how important that "extended support" P2 is after the version number which I should have specified in my original email. I assume that since OpenVAS credentialed scanning doesn't complain about it that the really important patches have been backported to it which is why RHEL / CentOS offer it in their package stores. When I upgrade OS in the environment I'm sure my BIND version will advance with it.
Thanks, Scott ________________________________ From: bind-users <[email protected]> on behalf of Victoria Risk <[email protected]> Sent: February 23, 2020 2:35 PM To: @lbutlr <[email protected]> Cc: bind-users <[email protected]> Subject: Re: Advice on balancing web traffic using geoip ACls On Feb 23, 2020, at 6:57 AM, @lbutlr <[email protected]<mailto:[email protected]>> wrote: On 22 Feb 2020, at 18:25, Scott A. Wozny <[email protected]<mailto:[email protected]>> wrote: I’m setting up hot-hot webserver clusters hosted on the west and east coasts of the US and would like to use Bind 9.11.4 I’d consider changing that version. While Bind 9.11 *is* still supported, it is EOL at the end of this year. If you really really want to run 9.11, at least run the latest patch level (9.11.6 should be coming really soon). We will continue with security patches for 9.11 through the end of 2021, so 9.11 is not a bad choice for someone who doesn’t want to migrate for a long time. 9.14.10 is the current stable release and 9.11.15 is the current extended support release. Unless you know something is broken in 9.14.10 (unlikely) that would be the version to look at. 9.14 has just been replaced by 9.16, released just this past week. We will continue offering security releases for 9.14 for a 3-month period to support migration to 9.16. Someone doing a migration today should look at 9.16 rather than 9.14. You absolutely should not be running a bind version several years old, as 9.11.4 is. agreed Victoria Risk Product Manager Internet Systems Consortium [email protected]<mailto:[email protected]>
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
