Tom Browder <tom.brow...@gmail.com> wrote: > On Mon, Jul 24, 2017 at 8:23 AM, Greg Wooledge <wool...@eeg.ccf.org> wrote: >> On Sun, Jul 23, 2017 at 06:55:09AM -0500, Tom Browder wrote:
>>> I would like to remove all bind9 packages from servers running bind9 >>> and install the latest bind9 from source. >> Because you want to satisfy internal audits that don't understand how >> Debian security patching works, right? Right? Right. OK. > Greg, I appreciate your advice, and I would love to stay with the > debian packages. However, I also want to be able to use a debian > installation a long time and I see lots of changes on dns resource > records. Also, I don't like to rush into debian version updates, so I > fear the package bind9 might slip behind current standards. It is trivially easy to backport the bind9-package from Stretch to Jessie (just change the dependency on libssl1.0-dev to libssl-dev). I have been doing the same for some time (needed support for the CAA record). Grüße, Sven. -- Sigmentation fault. Core dumped.