North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Reasons why BIND isn't being upgraded

  • From: J Bacher
  • Date: Sun Feb 04 10:07:15 2001

> > Good.  Reduce yourself to insults and don't even answer the [first]
> > question.
> You're right about the insult, but the point remains -- it doesn't matter
> how long Sun takes. He isn't changing how the security information gets to
> the world, he's providing Sun a support channel for assistance integrating
> the security fix. 

If a new distribution is available, why penalize those that don't need a
distro from a vendor to perform an upgrade?  That's the point.  Big or
small wrt to company size is irrelevant.  This question may have already
been answered but I dropped off early last night.

> In my experience (being a paying Sun support contract customer) I've gotten
> security fixes from Sun in a time range from 2-6 hours. 6 hours was the
> longest time that I've experienced from handing them a security flaw they
> didn't know about until I had a valid patch in my hands.
> On a closed circuit channel for security updates.

I'm a paying customer with a different vendor.  I use my experience from
a few years ago to not rely on vendor knowledge let alone patches in
emergency mode.

The point is:  there are many companies that don't pay for vendor
support.  They may or may not be big.  Why would you or anyone else prefer
to inject criticism toward their concern for network security
(particularly in light of all of the pissing and moaning that goes on in
this list wrt to this subject) just because they do things differently
than you?