Jeffrey A. Williams wrote:
All,
As an example to another thread and for Joe's edification.
An article up at TidBITS on http://db.tidbits.com/article/9706 Apple's unexplained failure to patch the DNS vulnerability that we have been http://it.slashdot.org/article.pl?sid=08/07/25/1334254&tid=172 discussing for a http://it.slashdot.org/article.pl?sid=08/07/21/2212227&tid=172 few weeks now. "Apple uses the popular Internet Systems Consortium BIND DNS server which was one of the first tools patched, but Apple has yet to include the fixed version in Mac OS X Server, despite being notified of vulnerability details early in the process and being informed of the coordinated patch release date.
Sometimes, it may be wise to wait: "The group responsible for maintaining the internet's most popular domain name software BIND has admitted it caused problems by fast-tracking a security patch designed to fix the widescale DNS flaw discovered by researcher Dan Kaminsky this month." http://www.zdnet.com.au/news/security/soa/DNS-patch-causes-BIND-blunder/0,13... Patrick Vande Walle -- Patrick Vande Walle Check my blog: http://patrick.vande-walle.eu