* Mark Andrews: > What's needed here is for OS maintainers to actually "maintain" > their OS's by including maintainence releases of the software they > are shipping and not just cherry-pick security fixes back into older > releases. There are bugs which don't rise to the level of requiring > a security advisary but are still critical bugs which need to fixed.
Common lore suggests that BIND is best compiled from source, so the impact of downstreams in this area is fairly limited. Sure, you get the latest and greatest at the time of installation, but what happens after that? As far as I understand it, this is not about some version of BIND in Fedora failing, but issues at ISP resolvers, so Fedora's maintenance (which actually tracks upstream fairly aggressively) doesn't come into play. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
