Re: [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Quoting Hubert Chathi (firstname.lastname@example.org):
> I'm really more concerned about the fact that it's orphaned. And it
> appears to be unmaintained upstream (last release in 2001, and
> upstream moved it from the "releases" directory to the "old-releases"
Point taken. I assume you are referring to
Here's original NSS module author Mark Kettenis <email@example.com>'s
release announcement in July 2000:
I guess we can hope that the current security incident will encourage
the glibc developers to consider adopting Kettenis's NSS code, as part
of a larger plan to (finally!) phase out the legacy BIND8 resolver code.
But that won't happen quickly, if at all, I fear.