Date: Thu, 10 Jul 2008 22:17:15 +1000 From: Edwin Groothuis <edwin@mavetju.org> To: freebsd-stable@freebsd.org Subject: Re: BIND update? Message-ID: <20080710121715.GB41541@k7.mavetju> In-Reply-To: <20080710102955.GA6902@e-Gitt.NET> References: <20080710094006.GX6902@e-Gitt.NET> <20080710094451.GS62764@server.vk2pj.dyndns.org> <20080710095809.GA59288@eos.sc1.parodius.com> <4875E1B6.3010407@delphij.net> <20080710102955.GA6902@e-Gitt.NET>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 10, 2008 at 12:29:55PM +0200, Oliver Brandmueller wrote: > Hi, > > On Thu, Jul 10, 2008 at 03:17:26AM -0700, Xin LI wrote: > > Speaking as my own: Base system needs more conservative QA process, > > e.g. we want to minimize the change, we need to analyst the impact > > (FWIW the security fix would negatively affect heavy traffic sites) > > and document it (i.e. the security advisory), and we want to make the > > change a one-time one (for instance, shall we patch libc's resolver as > > well?), so rushing into a "presumably patched" state would not be a > > very good solution. > > I understand the reasons and that surely needs to be taken into account. > Does that imply that the FreeBSD project got the information later than > f.e. M$ or Debian, who are usually not really known for coming up too > fast with such fixes? According to http://www.kb.cert.org/vuls/id/800113, FreeBSD was tested, but it doesn't say if it was informed. Microsoft knew about it earlier than yesterday, because they are a DNS software provider. Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080710121715.GB41541>