I recommend to add a note urging people to switch to BIND 9 (possibly
mentioning "check-names ignore", which is one of the larger hurdles
IIRC).
The main reason is this bug:
CVE-2006-0527 (BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target
forwarder, ...)
- bind 1:8.4.7-1 (low)
[sarge] - bind <no-dsa> (Architectual limitatiom, upgrade to BIND 9 as
a a fix)
NOTE: BIND 8 is unsuitable for forwarder use because of its
NOTE: architecture. Upgrade to BIND 9 as a fix.
NOTE: This was fixed in sid by documenting it as an unfixable design
limitation
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
