[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pulling up BIND 9.7 to netbsd-5?
On Dec 14, 2010, at 9:19 04AM, Matthias Scheler wrote:
> On Mon, Dec 13, 2010 at 11:15:52AM -0600, Michael Graff wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> On 2010-12-01 7:18 AM, Geert Hendrickx wrote:
>>> BIND on the NetBSD-5 branch is somewhat old (9.5.2) and doesn't support
>>> recent DNSSEC algorithms (RSASHA256, which the root zone is using) and
>>> Could we consider pulling up BIND 9.7.x from current into the NetBSD-5
> I'm not convinced that is a good idea.
> The last two BIND security problems didn't affect BIND 9.5. But they
> affected BIND 9.6 and 9.7.
Were they actually unaffected, or did no one bother checking? If the
were unaffected, was it because the problems were in newer code that
was added since 9.5?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Main Index |
Thread Index |