From owner-freebsd-questions Wed Nov 24 14:19:26 1999 Delivered-To: freebsd-questions@freebsd.org Received: from ns3.perceptionpub.com (ns3.perceptionpub.com [208.218.82.136]) by hub.freebsd.org (Postfix) with ESMTP id 9BBF8152CB; Wed, 24 Nov 1999 14:19:13 -0800 (PST) (envelope-from dave@webgator.com) Received: from localhost (dave@localhost) by ns3.perceptionpub.com (8.9.3/8.9.3) with ESMTP id RAA29125; Wed, 24 Nov 1999 17:18:22 -0500 (EST) (envelope-from dave@webgator.com) Date: Wed, 24 Nov 1999 17:18:22 -0500 (EST) From: Dave H X-Sender: dave@ns3.perceptionpub.com To: freebsd-questions@freebsd.org, freebsd-stable@freebsd.org, security-officer@freebsd.org Subject: Security status of BIND8 in stable Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I'll keep this brief. I basically have three questions about bind8 in stable: 1) The version in stable is still 8.1.2 - is there any reason to believe that the current well-known vulnerabilities in bind are not present for some reason in our bind 8.1.2? 2) Why hasn't FreeBSD made a statement is response to Cert Advisory CA-99-14? 3) How soon will the bind version be updated in stable? I'd prefer to stick with source instead of ports for ease of maintenance accross multiple machines. If building bind from ports is (and will continue to be) the best way of maintaining bind, so be it - I will make the change across all machines - I'd just rather not do it if it is not necessary. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message