This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

CVE-2015-5477: vulnerability in BIND

6 posts / 0 new

Topic locked

Last post

#1 Wed, 08/05/2015 - 05:01

amityweb

CVE-2015-5477: vulnerability in BIND

Just wondered if there is any status with fixing the issue with CVE-2015-5477: vulnerability in BIND. See the below websites. Nothing showing in virtualmin updates yet. Thanks

http://www.securityweek.com/bind-update-patches-critical-dos-vulnerability http://www.securityweek.com/critical-dos-flaw-bind-exploited-target-dns-...

#2 Wed, 08/05/2015 - 13:45

andreychek

Howdy,

The BIND updates are provided by your Linux distribution. Which distribution/version is it that you're using there?

-Eric

#3 Wed, 08/05/2015 - 16:33

amityweb

Centos 6 - wasn't sure if you did something or not - so guess we just wait for Centos to patch it then

#4 Wed, 08/05/2015 - 21:50

andreychek

Howdy,

You may want to try running "yum update" to be sure there aren't any pending updates for your server.

-Eric

#5 Thu, 08/06/2015 - 11:43

amityweb

Thanks, only wbm-virtual-server which is listed in Webmin. I guess Centos havent released anything yet.

#6 Mon, 08/10/2015 - 10:20

amityweb

Looks like its released now. I just installed BIND 9.8.2-0.37.rc1.el6_7.2 which I believe is the latest version that fixes the issue.

Topic locked