reg - BIND 9.3.0 - CVE-2009-0025

[Ashish]

Hi Folks,

 

This is regarding the recent security threat CVE-2009-0025.

 

We are using DNS 9.3.0 and unfortunately, we cannot upgrade (management
issues) to 9.3.6 (As suggested in ISC website)

 

ISC's website suggests to Upgrade OpenSSL to at least OpenSSL 0.9.8j and
then to upgrade to 9.3.6-P1.

 

Could you please advice how can I upgrade OpenSSL? Since we could not
upgrade DNS is there any other alternative for us. Could we apply the same
patch of 9.3.6-P1 on 9.3.0? Will it help resolving this issue?

 

Do I need to change code somewhere?

 

Kindly suggest what exactly I could do and what options I have to resolve
this issue.

 

Thank you in advance for all your help.

 

Ashish Rao


Please do not print this email unless it is absolutely necessary. 

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. 

www.wipro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090128/a566794e/attachment.html>