From owner-freebsd-questions@FreeBSD.ORG Wed Aug 1 20:23:42 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1F84716A420 for ; Wed, 1 Aug 2007 20:23:42 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd3mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.freebsd.org (Postfix) with ESMTP id DF8FF13C494 for ; Wed, 1 Aug 2007 20:23:41 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd2mr5so.prod.shaw.ca (pd2mr5so-qfe3.prod.shaw.ca [10.0.141.8]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0JM4007MM3B1U390@l-daemon> for freebsd-questions@freebsd.org; Wed, 01 Aug 2007 14:23:25 -0600 (MDT) Received: from pn2ml5so.prod.shaw.ca ([10.0.121.149]) by pd2mr5so.prod.shaw.ca (Sun Java System Messaging Server 6.2-7.05 (built Sep 5 2006)) with ESMTP id <0JM4003ZJ3B1EW30@pd2mr5so.prod.shaw.ca> for freebsd-questions@freebsd.org; Wed, 01 Aug 2007 14:23:26 -0600 (MDT) Received: from hexahedron.daemonology.net ([24.82.18.31]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with SMTP id <0JM400BCQ3B019C0@l-daemon> for freebsd-questions@freebsd.org; Wed, 01 Aug 2007 14:23:25 -0600 (MDT) Received: (qmail 18146 invoked from network); Wed, 01 Aug 2007 20:23:10 +0000 Received: from unknown (HELO hexahedron.daemonology.net) (127.0.0.1) by localhost with SMTP; Wed, 01 Aug 2007 20:23:10 +0000 Date: Wed, 01 Aug 2007 13:23:10 -0700 From: Colin Percival In-reply-to: <60BEAECB-C72A-46B3-90D7-F3AB8778605D@goldmark.org> To: Jeffrey Goldberg Message-id: <46B0EBAE.1090105@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Enigmail-Version: 0.95.0 References: <499c70c0707260136hea82f27s87dfa53432d0e409@mail.gmail.com> <94c6ae7ae570814564d364bfe9aad8ea@szalbot.homedns.org> <20070801030504.GA3773@bifrost.agrussell.com> <426DE541-FB51-44FF-B7F4-B34E0F9A7861@goldmark.org> <46B0DB5F.4020401@FreeBSD.org> <60BEAECB-C72A-46B3-90D7-F3AB8778605D@goldmark.org> User-Agent: Thunderbird 2.0.0.4 (X11/20070628) Cc: Doug Barton , Freebsd questions Subject: Re: Waiting for BIND security announcement X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Aug 2007 20:23:42 -0000 Jeffrey Goldberg wrote: > Anyway, I was disappointed that the BIND fix didn't make it into > RELENG_6_2. Give us a little time. Unless an issue is exceptionally urgent, it usually takes us about a week to confirm that we're affected, to get a patch from upstream or create our own, to make sure the patch fixes the issue and doesn't create any new problems (there have been several issues lately where the upstream patches were broken), to confirm that the patch applies cleanly to all of our supported branches, and to write our advisory. Usually the FreeBSD Security Team hears about issues in major "contrib" code (e.g., sendmail, bind, openssl, openssh) ahead of time and is able to prepare before the issues become public, but this time we didn't get any advance warning. Colin Percival