Re: Bind in FreeBSD, security advisories
> > Considering the topic, and how many times it's come up. I'm not sure that's a
> > nything to
> > be proud of. ;)
>
> Given not all CVE's are created equal and given the amount of
> internal self consistancy checks (all of which kill the server if
> they don't pass (and push the CVSS score to 7.x)) there are in BIND
> the number of advisaries is actually very small.
>
> Yes, this was a internal self consistancy check failing.
>
> We are human and despite code reviews, unit and system tests, static
> analysis checkers etc. some errors do make it through.
I'm also more than a little surprised about people dragging out
sendmail as a shining example of *good* (bug-free?) software. Does
nobody remember any history here? It wasn't *that* many years ago
that we seemed to have "sendmail-bug-of-the-day"...
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 43 之 50 篇):