[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?

Tom Browder <tom.browder@gmail.com> wrote:
> On Mon, Jul 24, 2017 at 8:23 AM, Greg Wooledge <wooledg@eeg.ccf.org> wrote:
>> On Sun, Jul 23, 2017 at 06:55:09AM -0500, Tom Browder wrote:

>>> I would like to remove all bind9 packages from servers running bind9
>>> and install the latest bind9 from source.

>> Because you want to satisfy internal audits that don't understand how
>> Debian security patching works, right?  Right?  Right.  OK.

> Greg, I appreciate your advice, and I would love to stay with the
> debian packages. However, I also want to be able to use a debian
> installation a long time and I see lots of changes on dns resource
> records.  Also, I don't like to rush into debian version updates, so I
> fear the package bind9 might slip behind current standards.

It is trivially easy to backport the bind9-package from Stretch to
Jessie (just change the dependency on libssl1.0-dev to libssl-dev).

I have been doing the same for some time (needed support for the CAA
record).

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.
Reply to: