From owner-freebsd-security  Wed Jul 10 20:55:34 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id BC4C137B400; Wed, 10 Jul 2002 20:55:31 -0700 (PDT)
Received: from lariat.org (lariat.org [63.229.157.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id DD2C443E42; Wed, 10 Jul 2002 20:55:30 -0700 (PDT)
	(envelope-from brett@lariat.org)
Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2])
	by lariat.org (8.9.3/8.9.3) with ESMTP id VAA29391;
	Wed, 10 Jul 2002 21:55:16 -0600 (MDT)
X-message-flag: Warning! Use of Microsoft Outlook is dangerous and makes your system susceptible to Internet worms.
Message-Id: <4.3.2.7.2.20020710215210.02ec1410@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Wed, 10 Jul 2002 21:55:11 -0600
To: Doug Barton <DougB@FreeBSD.ORG>,
	Julian Elischer <julian@elischer.org>
From: Brett Glass <brett@lariat.org>
Subject: Re: DNS problems in bind tools.
Cc: security@FreeBSD.ORG
In-Reply-To: <20020710192501.L1551-100000@master.gorean.org>
References: <Pine.BSF.4.21.0207101826350.41638-100000@InterJet.elischer.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 08:27 PM 7/10/2002, Doug Barton wrote:

>Well, the fix is to update BIND altogether...  I've done the update in
>RELENG_4, and my discussion with the SO team was that we'd back port it at
>least as far as RELENG_4_4 once it's had a chance to mellow in RELENG_4.

This might be a good time to make BIND a port which is usually installed,
rather than part of the base install. (This idea has come up many times
before, most recently on the -STABLE list). Sysinstall could ask whether
you want BIND, and, if so, which version. (If I'm installing BIND 9,
I'd like to avoid installation of BIND 8 -- at least once BIND 9 gets
a patched libbind.)

--Brett


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message