Fixing BIND vulnerability on CentOS 6.6
August 4, 2015
There's a new BIND vulnerability in the wild that users can use to remote execute denial of service attacks. For most distributions it's just a matter of an
but according to this post I found on The Register's comments from an anonymous user, there's an extra step required with CentOS 6.6 since the patch is in CentOS 6.7 repositories and not in 6.6...
Just a heads up to anyone running CentOS 6.6: yum update will not fetch a patch for this vulnerability.
RedHat released a patch for RHEL 6.7, however CentOS 6.7 has not yet been released. If you want the patch now, you must enable CentOS' Continuous Release repository, otherwise your system will remain unpatched until CentOS 6.7 is officially released.
So to get this done, it's simple:
# yum install centos-release-cr -y # yum update bind -y # service named restart
And with that you're patched up and good as new.