I'm not one to condone shitty attitudes. However, I think in this case it's unfair to claim that one can have no expectations of OpenBSD with regards to security patches. If I could have no such expectations, I would not use OpenBSD in the first place. I have these expectations based on a very impressive security history for which the OpenBSD developers deserve much in the way of praise.
Additionally, loyal OpenBSD users may be interested in the details of the vulnerability disclosure. There very well maybe loyal OpenBSD users who wish to very politely inform ISC that there are large numbers of BIND users who would appreciate the same level of cooperation between ISC and OpenBSD as ISC affords others. On Wed, Jul 9, 2008 at 11:17 AM, Andreas Maus <[EMAIL PROTECTED]> wrote: > On Wed, Jul 09, 2008 at 12:22:17PM -0400, bofh wrote: >> Love your gimme gimme attitude. If you spent half a second thinking about >> this: > Hehehe ;) > > Furthermore you can see in the US-CERT that this VULN was: > > Date First Published 07/08/2008 02:46:15 PM > > As you know some developers may live outside .us in a different > timezone (and developers in .us/.ca have to work at this time). > So in e.g. Europe this was yesterdays evening. > > You can accelerate proceedings by a) donating to OpenBSD > and b) - if you need this patch REALLY FAST - hire a paid > conslutant to develope the patch and send it to the list. > > And OpenBSD doesn't have a SLA ... > > So long, > > Andreas. > > -- > Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of > an 8-bit operating system written for a 4-bit processor by a 2-bit > company who cannot stand 1 bit of competition.
