From owner-freebsd-stable@FreeBSD.ORG  Wed Jul 31 15:01:13 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 40745F2C
 for <freebsd-stable@freebsd.org>; Wed, 31 Jul 2013 15:01:13 +0000 (UTC)
 (envelope-from dmagda@ee.ryerson.ca)
Received: from eccles.ee.ryerson.ca (eccles.ee.ryerson.ca [141.117.1.2])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id EB7FC26CC
 for <freebsd-stable@freebsd.org>; Wed, 31 Jul 2013 15:01:12 +0000 (UTC)
Received: from webmail.ee.ryerson.ca (eccles [172.16.1.2])
 by eccles.ee.ryerson.ca (8.14.4/8.14.4) with ESMTP id r6VEwjMM046962;
 Wed, 31 Jul 2013 10:58:46 -0400 (EDT)
 (envelope-from dmagda@ee.ryerson.ca)
Received: from 206.108.127.2 (SquirrelMail authenticated user dmagda)
 by webmail.ee.ryerson.ca with HTTP; Wed, 31 Jul 2013 10:58:47 -0400
Message-ID: <89db71bfd414c1de47cd125f47d322d6.squirrel@webmail.ee.ryerson.ca>
In-Reply-To: <20130731.085541.74748290.sthaug@nethelp.no>
References: <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg>
 <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net>
 <20130731020623.7243C37DF218@drugs.dv.isc.org>
 <20130731.085541.74748290.sthaug@nethelp.no>
Date: Wed, 31 Jul 2013 10:58:47 -0400
Subject: Re: Bind in FreeBSD, security advisories
From: "David Magda" <dmagda@ee.ryerson.ca>
To: sthaug@nethelp.no
User-Agent: SquirrelMail/1.4.22
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Cc: freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jul 2013 15:01:13 -0000

On Wed, July 31, 2013 02:55, sthaug@nethelp.no wrote:

> I'm also more than a little surprised about people dragging out
> sendmail as a shining example of *good* (bug-free?) software. Does
> nobody remember any history here? It wasn't *that* many years ago
> that we seemed to have "sendmail-bug-of-the-day"...

Seven years ago and ten years ago:

http://www.freebsd.org/security/advisories/FreeBSD-SA-06:17.sendmail.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-06:13.sendmail.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-03:13.sendmail.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-03:11.sendmail.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-03:07.sendmail.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-03:04.sendmail.asc

In the same time period, BIND has had eighteen advisories. OpenSSL has had
fourteen.