
oss-sec mailing list archives
Re: BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 19 Feb 2021 09:17:37 +0100
On Thu, 18 Feb 2021 20:09:47 -0900 ISC Security Officer <security-officer () isc org> wrote:
2) If you already have packages based on 9.16.12, we expect to have a patch ready well before the next maintenance release. A candidate patch is under review now and can be delivered after review and quality assurance testing. If you wish to receive updates on the progress of this patch, please e-mail your request to security-officer () isc org
I am confused by your actions here. You warn people about a messed up release (can happen, no problem), you say you have a preliminary patch, but you make it extra complicated to get that patch? Why not just post the patch? Also I read into your words that you don't plan to publish a quick followup release, which would be the right thing to do ("we expect to have a patch ready well before the next maintenance release" - I read that as you don't plan to make a new maintenance release as soon as the patch is ready, which would be the right thing to do). -- Hanno Böck https://hboeck.de/
Current thread:
- BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination ISC Security Officer (Feb 19)
- Re: BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination Hanno Böck (Feb 19)
- Re: BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination Michael McNally (Feb 19)
- Re: BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination Ondřej Surý (Feb 19)
- Re: BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination Hanno Böck (Feb 19)