On 20/10/2019 8:50 pm, Andrea Venturoli wrote:
On 2019-10-20 11:26, Mathieu Arnold wrote:
The ISC was very clear in that this update[1] is not a security related
release, so I have absolutely no plan to merge it.
1: https://lists.isc.org/pipermail/bind-announce/2019-October/001139.html
Sorry, I had already opened the bug as Kubilay suggested; fell free to
close it, then.
I'm confused though, since the link you posted says:
To clarify, BIND 9.11.12 is not a security release, but BIND 9.14.7 and
9.15.5 are.
The two CVEs disclosed today affect only BIND 9.14 and 9.15; the BIND
9.11 branch is not vulnerable.
But on the release notes for 9.14 there are *3* CVEs and one
(CVE-2019-6471) is also listed in the release notes for 9.11.
???
bye & Thanks
av.
All done (issue closed).
Thank you for raising the question and asking though Andrea, many
security updates are in fact missed, and don't end up in quarterly branches.
Users can help us by identify things that slip through the cracks and
reporting those issues, and requesting merges where they are necessary
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[email protected]"
