Subject: ot, security patches, and 1.4.1
To: None <current-users@netbsd.org>
From: nm <nmanisca@vt.edu>
List: current-users
Date: 01/29/2000 13:31:36
I apologize in advance because this post is not quite
on topic.

I have a 1.3.3 system and I am about to install 1.4.1 on it.
The primary function of this system is as a name server.

I thought I read somewhere (correct me if I am wrong) that
the version of bind that shipped with 1.4.1 contained a bug
that may compromise system security.  I could not find a
patch for this bug on the ftp site, nor are any bugs listed
for 1.4.1 on the web site.

I am worried that people may install 1.4.1 and check the
web site, see that no security bugs are listed for 1.4.1 and
assume that the bind that ships with it is secure.  Am I
missing something or am I confused?

Nick Maniscalco
nm@vt.edu