[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please unblock bind9_9.3.4-2



On Tue, Jan 30, 2007 at 04:09:07PM -0700, LaMont Jones wrote:
> On Tue, Jan 30, 2007 at 02:47:27PM +0000, Neil McGovern wrote:
> > On Mon, Jan 29, 2007 at 04:07:13PM -0700, LaMont Jones wrote:
> > Both marked as fixed in 1:9.3.4-2 in our tracker, HOWEVER:
> > 355 files changed, 42564 insertions(+), 23165 deletions(-)
> > which has lots of changes to lots of files.
> > 
> > Is there any chance the security/RC issues can be backported?
> 
> My mistake here - I had been of the belief that bind 9.3.3 had been
> promoted to testing already.
> 
> Having said that, I think it would be a good thing to pull 9.3.4-2 into
> testing for the following reasons:
> 
> 1. Absolutely no support from upstream for 9.3.2, other than "upgrade to 9.3.4"
> 

As it's bind, which doesn't have the most glowing of security histories,
this one is (IMO) valid :)

> 2. DNSSEC actually works well in 9.3.4
> 

Hrm... not an essential inclusion yet IMO. Would be nice etc etc.

> 3. Other security fixes in 9.3.3 not yet incorporated in 9.3.2
> 

Yup, these would need to be backported too.

> Pretty please?

Well, IANA-RM, but from a security point of view; as the changeset is
HUGE my recommendation is: "Unblock, 20 day lead time"

Neil
-- 
<jmtd> irssiproxy appears to be crack cut with washing up powder

Attachment: signature.asc
Description: Digital signature


Reply to: