Junos OS

 View Only
last person joined: 23 hours ago 

Ask questions and share experiences about Junos OS.
  • 1.  Obsolete BIND version

    Posted 03-10-2021 04:42
    Hi, guys.
    We go through PSI DSS compliance with SRX 345 and dns-proxy enabled on them.
    Current release that we use 20.1R2 contain BIND 9.6 which has been considered obsolete since February, 2014

    I can't find any information about packages inside Junos (

    Questions:

    1. Is there a Junos version with a fresh BIND version?
    2. Where I can find information about packages inside Junos?


  • 2.  RE: Obsolete BIND version

    Posted 03-10-2021 05:45
    Based on this January 2021 post from Juniper SIRT it looks like you are already on the most recent version of bind that Juniper is shipping.

    https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11091

    I would suggest you open a technical support case and get the road map and technical details you need for your security team review.  These are not generally part of routine documentation.  But tech support is able to get them on request.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: Obsolete BIND version

     
    Posted 03-11-2021 06:32
    Hi,
    I heard that Juniper sometimes point fixes issues in certain things under the hood instead of picking up an official new(er) version. So the conclusion "it runs version x-n instead of the newest version x, so it must be affected by issues fixed in x" is not possible.
    Regards
    Ulf