From owner-freebsd-stable@FreeBSD.ORG Thu Jul 10 14:58:28 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 37BAE1065678 for ; Thu, 10 Jul 2008 14:58:28 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id 0881E8FC14 for ; Thu, 10 Jul 2008 14:58:27 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.2/8.14.2) with ESMTP id m6AEvviJ036960; Thu, 10 Jul 2008 10:57:58 -0400 (EDT) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.8/8.13.3) with ESMTP id m6AEvvlD036748 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 10 Jul 2008 10:57:57 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <200807101457.m6AEvvlD036748@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Thu, 10 Jul 2008 10:57:56 -0400 To: Oliver Brandmueller , freebsd-stable@freebsd.org From: Mike Tancsa In-Reply-To: <20080710102955.GA6902@e-Gitt.NET> References: <20080710094006.GX6902@e-Gitt.NET> <20080710094451.GS62764@server.vk2pj.dyndns.org> <20080710095809.GA59288@eos.sc1.parodius.com> <4875E1B6.3010407@delphij.net> <20080710102955.GA6902@e-Gitt.NET> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.64 on 64.7.153.18 Cc: Subject: Re: BIND update? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2008 14:58:28 -0000 At 06:29 AM 7/10/2008, Oliver Brandmueller wrote: >Hi, > >On Thu, Jul 10, 2008 at 03:17:26AM -0700, Xin LI wrote: > > Speaking as my own: Base system needs more conservative QA process, > > e.g. we want to minimize the change, we need to analyst the impact > > (FWIW the security fix would negatively affect heavy traffic sites) > > and document it (i.e. the security advisory), and we want to make the > > change a one-time one (for instance, shall we patch libc's resolver as > > well?), so rushing into a "presumably patched" state would not be a > > very good solution. > >I understand the reasons and that surely needs to be taken into account. >Does that imply that the FreeBSD project got the information later than >f.e. M$ or Debian, who are usually not really known for coming up too >fast with such fixes? Even with all the extra time and resources MS had, look at the breakage their fix has caused. ---Mike