List ecs-isp@2rosenthals.com Arkiverade meddelande #109

Från: "Dan Napier" <ecs-isp@2rosenthals.com> Meddelandehuvud
Oavkodat meddelande
Ämne: RE: [eCS-ISP] [BULK] [eCS-ISP] Bind 9.11.20
Datum: Tue, 14 Jul 2020 16:48:49 -0700
Till: "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>

Paul

 

I just installed the 9.11  Porsche  it does report ipv6 even in the OS2 command line The server is reporting ipv6 addresses, so I guess if the system is able to do with it it runs.  So far I have not seen any 100 CPU usage.  I will keep a close watch.  Thanks for all your effort.

Dan

 

From: eCS ISP Mailing List [mailto:ecs-isp@2rosenthals.com]
Sent: Monday, July 13, 2020 3:02 PM
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
Subject: Re: [eCS-ISP] [BULK] [eCS-ISP] Bind 9.11.20

 

Hi Dan and Lewis,

 

In addition to Lewis's comments - as I recall - newer bind versions don't provide the options of disabling ipv6 support - so we need to provide enough stubs of ipv6 headers to let it compile and work.

 

I did this for openvpn (which similarly doesn't give an option to disable ipv6) - but ironically, it was this added header support that was causing the 100% cpu usage with Bind 9.11.x.

 

For the above reasons, I focussed on maintaining 9.11.x as this is EOL December 2021 - which gives us plenty of time to come up with a solution for the next ESV version.

 

Cheers,

 

Paul

 

On Tue, 14 Jul 2020 at 02:05, Lewis G Rosenthal <ecs-isp@2rosenthals.com> wrote:

Hi, Dan...

On 07/13/20 12:01 pm, Dan Napier wrote:
> Hello Friends
>
> Did I miss something, I seem to be way ahead of the curve.  Running 9.12.4   I am not a Math Major, so I might be wrong, but isn’t 9.11.20 a lower rev?
> 9.12.4 seems to run dandy, reports ip4 and ip6 addresses, does not hog cpu.  Did I do something wrong?
>

As you will note here:

https://bind.isc.org/

9.11 is an ESV (Extended Service Release). 9.11.20 is indeed newer than 9.12.4.

BIND 9.12.4 was a maintenance release, specifically to address issues
disclosed in CVE-2018-5744, CVE-2018-5745, and CVE-2019-6465.

9.11.20, OTOH, addresses all security issues up through CVE-2020-8619:

https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/README.md

Not every higher version number necessarily denotes a *newer* or more secure
one. 9.12 was a development branch; 9.11 is a stable one.

9.16 is current, and will eventually become an ESV (I believe), so at some
point, that should become our target.

GL HTH

--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC                www.2rosenthals.com
visit my IT blog                www.2rosenthals.net/wordpress
-------------------------------------------------------------


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message is sent to you because you are subscribed to
  the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to  <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com

This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


 

--

Cheers,

 

Paul

-- 
This email was Anti Virus checked by Astaro Security Gateway. http://www.sophos.com

Prenumerera: Sändning, Uppsamling, Index.
Stoppa prenumeration
Meddelande till ListMaster