Security on 2.2?



  • Hey folks,

    I have a question.

    One of my machines is still running 2.2.6, due to the fact that I want to keep using the dns-server (tinydns) package.

    Am I a fool? I want to be patched against known security issues, is there a way to do that in 2.2?
    Is there a way to keep 2.2.X and be safe? I'm pretty sure I already know the answer but haven't been able to confirm.

    Thanks!



  • As of this instant there aren't any serious issues in 2.2.x. But tomorrow the next Heartbleed or similar could be disclosed, leaving you with an urgent need to patch. No practical way to do that yourself. So I'd suggest switching to the BIND package, or better, moving DNS to a server machine instead, so you're not in a bind should some major security issue arise that requires immediate patching.