"Jumbo" Security Release of BIND corrects four exploitable vulnerabilities.

Dennis Clarke dclarke at blastwave.org
Thu Jan 12 17:37:51 UTC 2017

On 01/12/2017 03:51 PM, project722 wrote:
> Is there a way to mitigate these vulnerabilities outside of updating

The source code from ISC is the official patch.

> We use RHEL and have to wait on the official patch they provide.

I run Solaris servers from Oracle and I build iscbind named service
from sources from ISC and that is the official patch.

> Our Bind version is 9.8.2 for RHEL 6 and 9.9.4 for RHEL 7.

Yes, Red Hat is very slow to release security patches.

Really, you need to make a slight adjustment and realize that the real
patch is from ISC and then you make the decision to wait for someone
else to compile it in for you ( Red Hat or whomever ) or just do it
yourself and then you know it is done and you even know it was done
correctly and as a real bonus you know who did it.

Dennis Clarke
dc at genunix.com

More information about the bind-users mailing list