Re: "Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

On 01/12/2017 03:51 PM, project722 wrote: Is there a way to mitigate these vulnerabilities outside of updating The source code from ISC is the official patch. We use RHEL and have to wait on the official patch they provide. I run Solaris servers from Oracle and I build iscbind named service

dnssec smart signing

Hello, I'm using dnssec-signzone to sign a zonefile. I have 3 keys stored on a HSM, here is the meta data for the keys: ; This is a key-signing key, keyid 15464, for example.com. ; Created: 20170112162324 (Thu Jan 12 18:23:24 2017) ; Publish: 20170112162324 (Thu Jan 12 18:23:24 2017) ; Activate:

Re: How to get the CNAME for a domain?

On Tue, Jan 10, 2017 at 6:52 AM, Mark Andrews wrote: > > Use named-checkconf to get the list of master and slave zones from > named.conf then transfer them all and extract the CNAME ownername > that matches. > > named-checkconf -p | > awk '$1 == "zone" { zone = $2; next; } > $1 == "type" && ( $2

Re: "Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

On 12/01/17 15:37, G.W. Haywood wrote: Maybe it makes a difference that I'm in England, and using IPv6? FWIW I see the same thing - also UK-based on IPv6 but traceroute shows I'm hitting a server in the US so I doubt that's relevant. Download of: https://www.isc.org/downloads/file/bind-9-9-

Re: "Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

Is there a way to mitigate these vulnerabilities outside of updating BIND? We use RHEL and have to wait on the official patch they provide. Our Bind version is 9.8.2 for RHEL 6 and 9.9.4 for RHEL 7. On Thu, Jan 12, 2017 at 9:37 AM, G.W. Haywood wrote: > Hello again, > > On Thu, 12 Jan 2017, Andr

Re: "Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

Hello again, On Thu, 12 Jan 2017, Andrey Fanin wrote: On Thu, 12 Jan 2017, G.W. Haywood wrote: > On Thu, 12 Jan 2017, Michael McNally wrote: > > > ISC has issued new security releases of BIND today [..snip..] > > I'm trying to get BIND 9.9.9-P5 from the downloads page, but > it seems to be givin

Re: "Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

Looks all is correctly delivered ( all three versions of tar.gz ) from my side ( UA ) 12.01.2017 14:44, G.W. Haywood пишет: Hi there, On Thu, 12 Jan 2017, Michael McNally wrote: ISC has issued new security releases of BIND today [..snip..] These are available via the http://www.isc.org/downl

Re: "Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

Hi there, On Thu, 12 Jan 2017, Michael McNally wrote: ISC has issued new security releases of BIND today [..snip..] These are available via the http://www.isc.org/downloads web page: BIND 9.9.9-P5 BIND 9.10.4-P5 BIND 9.11.0-P2 ... I'm trying to get BIND 9.9.9-P5 from the downloads pag