BIND update?
Peter Thoenen
peter.thoenen at yahoo.com
Wed Jul 9 16:12:59 UTC 2008
>> Right, lets not act swiftly. That would be too much to ask. Is there any
>> reason why FreeBSD is one of the last vendors to release patches for the
>> vulnerability?
Actually IIRC all the press releases from the *alliance* stated 30 days
and as this is a fundamental flaw that has known for the past 6 months
and doesn't provide any sort of elevated privileges (or effect those
smart enough to run DNSSEC like you should be IIRC) its really not a
CRITICAL patch .. its more of a when you get around to it seriously.
Let the Security Team do their job and quit pestering them on your now
now now next day patch wants for a trivial issue.
More information about the freebsd-security
mailing list