Date: Sun, 05 May 2002 15:10:58 +0900 From: Makoto Matsushita <matusita@jp.FreeBSD.org> To: stable@FreeBSD.org Subject: Re: BIND in -stable Message-ID: <20020505151058Q.matusita@jp.FreeBSD.org> In-Reply-To: <20020504162912.M88188-100000@master.gorean.org> References: <20020504232627100.AAA911@empty1.ekahuna.com@pc02.ekahuna.com> <20020504162912.M88188-100000@master.gorean.org>
next in thread | previous in thread | raw e-mail | index | archive | help
DougB> However, I have clearly said on numerous occasions that BIND 8 DougB> users should be using 8.3.1. The most important point is "8.2.4 is vulnerable or not vulnerable," not "8.2.4 is not the latest version of BIND; BIND 8.3.1 is the latest version and ISC suggests to use 8.3.1" you've said. FreeBSD uses very simple rule: if 8.2.4 is vulnerable RELENG_4_5 branch's BIND is patched to fix the problem (or if no patches are available, import 8.3.1 instead), and if not vulnerable don't touch anything. That's sounds reasonable to me, since RELENG_4_5 should not include any new features not in original 4.5-RELEASE; that's why this branch is also known as -SECURITY branch. -- - Makoto `MAR' Matsushita To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020505151058Q.matusita>