Re: current bind version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Feb 23, 2011, at 10:23 PM, John R Pierce <pierce@xxxxxxxxxxxx> wrote:

> On 02/23/11 6:08 PM, Machin, Greg wrote:
>> 
>> Hi.
>> 
>> I have had an enquiry from the Network and Security guy. He wants to 
>> know why CentOS 5.5 /RHEL 5 is using a very old version of bind 
>> âbind-chroot-9.3.6-4.P1.el5_5.3â when the latest release that has many 
>> security fixes is on 9.7.3 . I understand that its to maintain a known 
>> stable platform by in introducing new elements etc .. Is there an 
>> official explanation / document that I can direct him to.
>> 
>> 
> 
> to put it bluntly, your security guy is pretty much worthless as such if 
> he thinks security is audited by checking version numbers.
> 
> sadly, this is too common.

Let's face it most auditors these days are just accountants with Infosys Mgmt text books.

The ridiculously high levels of regulations has created a demand for auditors that can no longer be filled by competent IT skilled auditors.

Oh well these are the days.

-Ross

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux