From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:44:47 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B47C7C18 for ; Wed, 31 Jul 2013 12:44:47 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8537D2018 for ; Wed, 31 Jul 2013 12:44:47 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 5A38F2164D for ; Wed, 31 Jul 2013 08:44:46 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute3.internal (MEProxy); Wed, 31 Jul 2013 08:44:46 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:subject:date:in-reply-to :references; s=smtpout; bh=YfsbZ+wpKBUSvRsRjurKMizd0Yo=; b=XAEn3 X+JecrM7r8d8lZbFaGAqIpaKwMuEUcsoaUtWYsPy5dd8G5FvECNPojXAtBIpbCF8 C86veWCJLWOku2cb/0C+xuxn73hl3lnELV0GZyx/Eznod0fMfDoCAH+WGOd0tGsA GZPZ2ul0n7B67fEaNVbQ3XVSYhLX74yxMkVQMo= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 08487B01F75; Wed, 31 Jul 2013 08:44:46 -0400 (EDT) Message-Id: <1375274685.29675.3670495.2BC93862@webmail.messagingengine.com> X-Sasl-Enc: OQIAubt2Rj+I6XJb/aSr3Rl/fEE/Y1QYygn/sU0YNw7N 1375274685 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 Subject: Re: Bind in FreeBSD, security advisories Date: Wed, 31 Jul 2013 07:44:45 -0500 In-Reply-To: <20130731123741.GO84587@droso.dk> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> <51F8B0E8.8090608@ShaneWare.Biz> <51F8F1CB.20707@digsys.bg> <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> <20130731123741.GO84587@droso.dk> X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:44:47 -0000 On Wed, Jul 31, 2013, at 7:37, Erwin Lansing wrote: > > 3rd party, and especially those that are still being distributed as > experimental, will not be part of the base BIND code. It will only > contain a direct import from the vendor sources. > I agree, experimental patches have no place in base. If this hits BIND 9.9 though I'd never even consider running BIND from base as an authoritative server as it's missing this patch which can at least partially mitigate a DoS.