On Wednesday 09 July 2008 13:58:33 David Wilk wrote: > I'm not one to condone shitty attitudes. > > However, I think in this case it's unfair to claim that one can have > no expectations of OpenBSD with regards to security patches. If I > could have no such expectations, I would not use OpenBSD in the first > place. I have these expectations based on a very impressive security > history for which the OpenBSD developers deserve much in the way of > praise. > > Additionally, loyal OpenBSD users may be interested in the details of > the vulnerability disclosure. There very well maybe loyal OpenBSD > users who wish to very politely inform ISC that there are large > numbers of BIND users who would appreciate the same level of > cooperation between ISC and OpenBSD as ISC affords others.
You know what I expect? I expect the OpenBSD response will be excellent, and out on its own timeframe. Rushing a fix into place can be worse than not doing anything at all. I have no idea what they're doing, have no idea with whom they may be talking. But I know that it is being worked on, and will be a reasoned response to the problem. More than "expect", I trust OpenBSD. --STeve Andre'