Re: BIND update?
- From: Chris Palmer <chris@xxxxxxxxxxxxxxxx>
- Date: Wed, 9 Jul 2008 13:30:08 -0700
Wesley Shields writes:
Malware authors create exploits based on information they gleaned by
reverse
(legitimate businesses). I'm also not sure how this applies since the
project is open source - the fix is published at the time of the patch,
My implicit (sorry about that) point was that if closed source software has
no obscurity, there's no way open source software can have any. So we should
not pretend that there is any, nor that it can help. The best course is to
provide users full information about the risks they face and to respond with
timely and correct fixes to those issues that introduce unnecessary risk.
In this case, the BIND bug is already patched and publicly available anyway.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- Re: BIND update?
- From: Josh Mason
- Re: BIND update?
- From: Remko Lodder
- Re: BIND update?
- From: Josh Mason
- Re: BIND update?
- From: Remko Lodder
- Re: BIND update?
- From: Remko Lodder
- Re: BIND update?
- From: Josh Mason
- Re: BIND update?
- From: Wesley Shields
- Re: BIND update?
- From: Chris Palmer
- Re: BIND update?
- From: Wesley Shields
- Re: BIND update?
- Prev by Date: Re: [Fwd: cvs commit: ports/dns/bind9 Makefile distinfo ports/dns/bind94 Makefile distinfo ports/dns/bind95 Makefile distinfo]
- Next by Date: Re: BIND update?
- Previous by thread: Re: BIND update?
- Next by thread: Re: BIND update?
- Index(es):
Relevant Pages
|
