From owner-freebsd-security Wed Feb 16 12:15:37 2000 Delivered-To: freebsd-security@freebsd.org Received: from builder.freebsd.org (builder.FreeBSD.ORG [204.216.27.24]) by hub.freebsd.org (Postfix) with ESMTP id B138437B616 for ; Wed, 16 Feb 2000 12:15:33 -0800 (PST) (envelope-from brett@lariat.org) Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by builder.freebsd.org (Postfix) with ESMTP id 8876A132D9 for ; Wed, 16 Feb 2000 12:14:56 -0800 (PST) Received: from mustang (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id NAA12562; Wed, 16 Feb 2000 13:15:17 -0700 (MST) Message-Id: <4.2.2.20000216131102.04308c80@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Wed, 16 Feb 2000 13:12:53 -0700 To: Wes Peters , Richard Wackerbarth From: Brett Glass Subject: Re: Why should I upgrade from 2.2.8 to 3.4 Cc: Warner Losh , freebsd-security@FreeBSD.ORG In-Reply-To: <38AAE878.C26E278F@softweyr.com> References: <200002160926.CAA09916@harmony.village.org> <00021604155000.08535@nomad.dataplex.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 11:12 AM 2/16/2000 , Wes Peters wrote: >And this coming from the 2.x "keeper of the flame." Yes, 2.2.8 should carry >a warning label of some sort. On the other hand, some things in 2.2.8 were actually more secure than later versions. When the ADMROCKS exploit got out, I discovered that the BIND that shipped with 2.2.8 wasn't susceptible. Systems with newer versions of BIND were. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message