build failed on OSX 10.4.10 (ppc) - OT

Mark Andrews Mark_Andrews at isc.org
Sun Aug 12 23:35:31 UTC 2007


> On Fri, Aug 10, 2007 at 09:07:33PM +0100, Niall O'Reilly wrote:
> 
> > 	We've put significant effort into compensating for the
> > 	determination of the vendor of our Linux-distro-of-choice to stay
> > 	18 months or so behind updates recommended as 'critical' for key
> > 	components of our infrastructure, such as OpenSSL or BIND.
> 
> IME, the major Linux vendors are pretty good about backporting
> patches.  I.e. you may be officially running bind version 9.2.2, or
> whatever, but the vendor backports patches so the (known)
> vulnerabilities should no longer apply.

	That's the problem.  There can be and are major bug fixes
	that are *not* security issues.  These don't get backported
	and the end users don't see the fixes in a timely manner,
	if ever.  BIND 9.4.2 has a couple of such fixes.

	BIND 9.2 has had several of these over its lifetime.  We would
	see regular reports of problems which would only stop once
	the vendors picked up the release with the fix in it.  In the
	mean time we would be saying "upgrade to the current release"
	everytime the bug was reported.  The reporter would then
	complain that their Linux version was only shipping currrent
	minus several.

> Although I still prefer to build my own, so I get the warm fuzzies of
> *knowing* that I'm running 9.3.4P1 or 9.4.1P1.
> 
> - Morty
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list