How to patch your server against CVE-2015-5477

CVE-2015-5477 is a vulnerability in the popular BIND DNS software. Below is a guide on how to patch your server against this vulnerability:


# apt-get install bind9


You will need to enable the Continuous Release (CR) Repository in order to get this patch, this can be done using the following commands

# yum install centos-release-cr
# yum-config-manager --enable cr
# yum update bind

Optionally, once the above steps have been completed, you can disable the CR repositiory by running:

# yum-config-manager --disable cr

Once you have updated your server you can verify the patch has applied successfully by running:

rpm -q --changelog bind | grep CVE-2015-5477

If the patch has been successfully applied then you will see the following output:

- Fix CVE-2015-5477