Caching Nameserver and BIND RPM Compatibility
Mike Hoskins (michoski)
michoski at cisco.com
Sat Jul 12 01:56:03 UTC 2014
-----Original Message-----
From: Mark Andrews <marka at isc.org>
Date: Friday, July 11, 2014 at 8:41 PM
To: Mike Hoskins <michoski at cisco.com>
Cc: "bind-users at lists.isc.org" <bind-users at isc.org>
Subject: Re: Caching Nameserver and BIND RPM Compatibility
>Not every *important* fix is a *security* fix.
>
>OS vendor that just backport security fixes are doing their customers
>a disservice. We issue -P's because security issues require timely
>fixes. We expect OS maintainers to actually include our maintainence
>fixes in their maintainence releases.
I couldn't agree more, and it's one of the biggest reasons I avoided Red
Hat flavored operating systems for so long. On the RHEL/CentOS based DNS
servers we run, we purposefully generate our own packages just to avoid
this annoyance...but it's a problem for a lot more than BIND. I always
much preferred the BSD approach, where the port maintainers pull in the
latest releases in mostly real time.
More information about the bind-users
mailing list