> Please take off the blinders and realize there are lots of folks (some x% of a > million or more) on this list who compile from current source in order to > minimize their risks and are therefore the subject audience. > > On the one hand, you have Paul Vixie and crew (authors of BIND) and > US_CERT saying "US-CERT encourages users and administrators using the > affected versions of BIND to upgrade to BIND 9.7.3." On the other hand, you > have "don't bother me with reality, I'm comfortable, am not affected and > don't want to read messages to those who are affected." I've only been subscribed here a week and this topic seems very heated, so sorry if this stirs the pot up again, but don't patches for these things get back-ported? So even if you're running bind v9.5.1 on CentOS/upstream 4/5.x you'd still have security fixes like those in this article backported right? And yeah I suppose rolling your own is always an option but in my experience it's to easy to get behind. This seems more like a Slackware approach tho, nothing against Slack of course! Josh