From owner-freebsd-stable@FreeBSD.ORG  Tue Jul 30 12:43:05 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 7CB4E2C2
 for <freebsd-stable@freebsd.org>; Tue, 30 Jul 2013 12:43:05 +0000 (UTC)
 (envelope-from gwiley@verisign.com)
Received: from exprod6og103.obsmtp.com (exprod6og103.obsmtp.com [64.18.1.185])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id CA4BD2F3B
 for <freebsd-stable@freebsd.org>; Tue, 30 Jul 2013 12:43:02 +0000 (UTC)
Received: from peregrine.verisign.com ([216.168.239.74]) (using TLSv1) by
 exprod6ob103.postini.com ([64.18.5.12]) with SMTP
 ID DSNKUfe00MDWQEgVdVje2HnZsl9+EV3FKecQ@postini.com;
 Tue, 30 Jul 2013 05:43:05 PDT
Received: from BRN1WNEXCHM01.vcorp.ad.vrsn.com
 (brn1wnexchm01.vcorp.ad.vrsn.com [10.173.152.255])
 by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id r6UCgpwA024672
 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL);
 Tue, 30 Jul 2013 08:42:51 -0400
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by
 BRN1WNEXCHM01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.02.0342.003; Tue, 30
 Jul 2013 08:42:51 -0400
From: "Wiley, Glen" <gwiley@verisign.com>
To: Tom Evans <tevans.uk@googlemail.com>, David Demelier
 <demelier.david@gmail.com>
Subject: Re: Bind in FreeBSD, security advisories
Thread-Topic: Bind in FreeBSD, security advisories
Thread-Index: AQHOjSHbu7+wS+edJUSJ+Xp1rPBZCZl9KlWA
Date: Tue, 30 Jul 2013 12:42:51 +0000
Message-ID: <CE1D2CEE.E37A%gwiley@verisign.com>
In-Reply-To: <CAFHbX1+JyHSPCccmf+hk4C2b8wOcAUvxraFv7+04bNbbxbO33g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/14.3.6.130613
x-originating-ip: [10.173.152.4]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <F508413CEAFD044B936EA2CB2E477F10@verisign.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2013 12:43:05 -0000

I think you could conceptually differentiate between DNS clients and
servers and remove bind without removing the DNS clients.

On 7/30/13 8:39 AM, "Tom Evans" <tevans.uk@googlemail.com> wrote:

>On Tue, Jul 30, 2013 at 8:55 AM, David Demelier
><demelier.david@gmail.com> wrote:
>> Hi,
>>
>> For years, a lot of security advisories have been present for bind.
>> I'm just guessing if it's not a good idea to remove bind from base?
>>
>> This will probably free by half the number of FreeBSD SA's in the
>>future.
>>
>
>Sure, but no bind in base also implies no dig, nslookup or host.
>
>Cheers
>
>Tom
>_______________________________________________
>freebsd-stable@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"