Subject: BIND 8 SA ?
To: None <tech-pkg@netbsd.org>
From: Marton Fabo <morton@eik.bme.hu>
List: tech-pkg
Date: 07/01/2002 15:49:15
Hi!

Is it me, or is the thing below confusing indeed? At the location

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-006.txt.asc

the following can be found about the BIND buffer overrun issue:

=====
Fixed:		NetBSD-current:		June 28, 2002
		NetBSD-1.6 branch:	June 28, 2002 (1.6 will include the fix)
		NetBSD-1.5 branch:	(not yet) (1.5.3 will include the fix)
		NetBSD-1.4 branch:	(not yet)
		pkgsrc:			net/bind4, bind-4.9.8nb1
					net/bind8, bind-8.3.3
					net/bind9, (ISC is not planning
						a release, as vulnerable
						files are not used in the
						main server or utilities by
						default.)
					emulators/compat1[234], not yet
=====

So pkgsrc is supposed to contain bind-8.3.3. But according to

ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/bind8/README.html :

"The current source version of the package is bind-8.3.1nb1."

So, is the ftp.netbsd.org version outdated, or is bind-8.3.3 not actually in
pkgsrc, or am I missing something?

thx
mortee