bind

Issues related to applications and software problems
good_face
Posts: 69
Joined: 2019/10/15 13:29:09

bind

Post by good_face » 2020/12/02 14:26:51

I use bind version is 9.11.4-26.P2.el7.x86_64
Do we need to update the new bind version? Which version do we need to switch to. and how do we know that this is really necessary? There are updates from time to time, you think every update should be done, how we should organize it. How should we decide what to update?
How can I decide if it's really necessary? What are the vulnerability and we really have to do the premise right now?
Last edited by good_face on 2020/12/03 10:30:20, edited 1 time in total.

User avatar
jlehtone
Posts: 3354
Joined: 2007/12/11 08:17:33
Location: Finland

Re: bind

Post by jlehtone » 2020/12/02 15:27:00

Update all.

The current versions (for CentOS 7) seem to be:

Code: Select all

kernel   3.10.0-1160.6.1.el7
bind     32:9.11.4-26.P2.el7_9.2
The latest version is the supported version.
Anything earlier should be assumed to have more bugs and vulnerabilities than the latest released version.

User avatar
TrevorH
Forum Moderator
Posts: 30358
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: bind

Post by TrevorH » 2020/12/02 15:33:33

you think every update should be done
Yes. Or at the least you should check it to see what it fixes and put it on if it's security related. Most updates for CentOS between point releases are for security though.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

good_face
Posts: 69
Joined: 2019/10/15 13:29:09

Re: bind

Post by good_face » 2020/12/02 16:04:35

The link below is said to be a security vulnerability. Do I need to fix this right away? Is this something important? Which version should I switch to for this and how can I find a document that tells me that the binding version or OS update process for this vulnerability has been fixed ? Is it really something that needs to be updated. Also, is there a bind version update with yum update or I will do a different process for it.
Last edited by good_face on 2020/12/03 10:29:58, edited 1 time in total.

User avatar
TrevorH
Forum Moderator
Posts: 30358
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: bind

Post by TrevorH » 2020/12/02 16:25:20

The most recent version is always available by running yum update.

Please see https://access.redhat.com/security/updates/backporting for information about how Red Hat goes about deciding which versions are shipped and bear that in mind when looking for an updated version. The "latest" version number is unlikely to be the correct solution for RHEL/CentOS based systems.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

good_face
Posts: 69
Joined: 2019/10/15 13:29:09

Re: bind

Post by good_face » 2020/12/02 20:09:24

I have read and understood your priceless information. I want to ask you something I was curious about and researched but could not find. How can I find which OS version the bind version I want to install is compatible with? For example, I need to upgrade to the new version for the error in the bind version I am using, but if the OS does not recommend it, or which OS version should I use to support this update, how can I find the information here. As you know, system security scans are performed with some tools, but it is difficult to find the actions to be taken on the system and OS side. I also want to know, is there something to be done in the system for this vulnerability or is it unnecessary? I wonder which centos version the following vulnerabilities are fixed and the method of finding. if not, just a bind update won't make any sense.




thanks
Last edited by good_face on 2020/12/03 10:29:43, edited 1 time in total.

User avatar
TrevorH
Forum Moderator
Posts: 30358
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: bind

Post by TrevorH » 2020/12/03 02:49:18

You only install things using yum.

The article I pointed you to shows you how to check for CVE numbers in the rpm changelog to see if things are fixed. You can also check the status of CVE numbers using https://access.redhat.com/security/cve/ - for example https://access.redhat.com/security/cve/CVE-2014-0224
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

good_face
Posts: 69
Joined: 2019/10/15 13:29:09

Re: bind

Post by good_face » 2020/12/03 10:29:10

i use centos 7.8 (2003 ) and I could not find anything about cve-2020-8616 on the website. what does it mean? just i am asking to find out

https://access.redhat.com/security/cve/cve-2020-8616

mghe
Posts: 763
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: bind

Post by mghe » 2020/12/03 10:43:12

Try it: $ rpm -q bind --changelog | grep 8616

good_face
Posts: 69
Joined: 2019/10/15 13:29:09

Re: bind

Post by good_face » 2020/12/03 10:58:20

can you comment on what you wanted? I could not make any comments.

$ rpm -q bind --changelog | grep 8616
RPM version 4.11.3

Post Reply

Return to “CentOS 7 - Software Support”