Has anyone upgraded their DNS to the newest version

Jim Reid jim at rfc1035.com
Tue Jan 30 23:57:55 UTC 2001


    >> Has anyone upgraded their DNS to the newest version?

Pretty much everyone who cares about their name servers and the
integrity of their network and computer systems.

    >> There are 4 exploits open in bind 8.2.2. Mainly I want to know
    >> if there are any complications like modified syntax. I am
    >> currently running BIND 8.2.2 patchlevel 5. I do not have a
    >> spare system to test this on and am loath to apply upgrades to
    >> live servers. Any help would be greatly appreciated.

This should be a no-brainer. A CERT advisory tells the world there are
security holes in 8.2.2P5. It also provides details of the BIND
versions that plug these holes. What do you do? Fix the problem or
hope the software you're currently running and now know to be
vulnerable is never attacked? I wouldn't have expected this to be a
tough decision to make. FYI, the fixed version of BIND8, 8.2.3, runs
on all the Internet root servers. If it's good enough for them, then
it should be more than good enough for you.

As for "modified syntax", it appears that 8.2.3 is a bit fussier about
the format of zone files. [See the recent postings here about people
who have been caught out by their broken zone files that previous BIND
versions tolerated.] This should only be a problem for people who
have not read and followed the standard defined in RFC1035. And if
someone's in that position, they should fix that anyway.

