Patch bind to pluig Kaminsky DNS vulnerability for FC7?

[Les Mikesell]

Mike C wrote:
> Does anyone know if there is an easy way to fix bind (bind-chroot) running 
> in an old machine running FC7 so that it offers the same protection as
> bind-chroot-9.5.0-28.P1.fc8
> and
> bind-9.5.0-33.P1.fc9.i386
> ??
> 
> Can one use the src rpm for F8 and re-configure it for FC7?
> 
> I guess there are still quite a lot of servers in use that are running
> EOLed Fedoras.

While you could probably patch every hole yourself with source builds or 
rebuilding src rpms from newer fedora versions, you would be better off 
not using Fedora if you can't or don't want to keep up with the upgrade 
cycle, and fortunately there are distributions designed for that 
situation.  RHEL5 would be very similar if you want a version with paid 
support or CentOS5 if you don't.  Either will have several more years of 
continuing update support.  They aren't even such a bad choice for 
desktop use now that the updates have brought OpenOffice and Firefox up 
to near-current releases (an unusual move - most updates are just 
backported bug/security fixes).

-- 
   Les Mikesell
    lesmikesell at gmail.com