Bernhard Rosenkraenzer wrote:
>
> The P3 version on updates is actually P4 (or, to put it differently, P4
> is P3 with an extra patch we applied in P3 already).
> P5 doesn't change anything related to security, so it wasn't necessary to
> release an update.
> If you want P5, get it from rawhide or 6.2beta.
>
> > If the version on Red Hat's
> > site is not patched for the NXT hole,
>
> It is patched. If there is an NXT exploit for this version, it's a new
> one.
>
> LLaP
> bero
I hate to barge in here BUT, there is a security upgrade from P3 to P5,
and i quote from the isc.org page:
"ISC's BIND 8.2.2-P5 was released on November 12. It
includes many new features, including the security
updates from 8.2.2-P3. If you are running a version of
BIND prior to 8.2.2-P3, we strongly recommend
upgrading to correct the known security problems."
And to further my insistance that there are patches in P5 related to
security here is an interesting URL from their website:
http://www.isc.org/products/BIND/bind-security-19991108.html
where it discusses the bugs and the various release patches for their
bind code. I would build your own and get it from the vendor, rather
than be hacked waiting for a patch update or new RPM release from redhat
(no offense, but its isc's code, and they are MUCH quicker at fixing
exploits than redhat is).
Regards
--
Michael B. Weiner
Systems Administrator/Partner
The UserFriendly Network (UFN)
--
/ / (_)__ __ ____ __
/ /__/ / _ \/ // /\ \/ /
/____/_/_//_/\_,_/ /_/\_\
* * * CHOICE OF A GNU GENERATION * * *
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
