Date: Thu, 07 Sep 2006 22:55:16 -0700 From: Doug Barton <dougb@FreeBSD.org> To: eol1@yahoo.com Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind Message-ID: <450105C4.9050300@FreeBSD.org> In-Reply-To: <20060906230642.39757.qmail@web51909.mail.yahoo.com> References: <20060906230642.39757.qmail@web51909.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Thoenen wrote:
> Just to verify as not mentioned in the security advisory, if you are
> using both the BIND and OPENSSL ports with the REPLACE_BASE directive,
> these don't apply correct?
Assuming you've updated to the 9.3.2-P1 version (ports version 9.3.2.1) of
BIND 9, then yes for the BIND part of the advisory. The BIND ports with
REPLACE_BASE will overwrite all the system binaries, and actually install a
couple things that the base doesn't (not that I'd expect anyone would need
or want them, I just don't like to muck with the ports more than absolutely
necessary).
For completeness sake, I should note that what I said up there is not 100%
accurate in the case where you have BIND 8 in the base (such as in
RELENG_4), and try to replace it with BIND 9, or vice versa. In that case,
you're better off first doing a build/installworld with the NO_BIND option
set in make.conf, removing all the old binaries, libs, and includes; and
then installing the port.
hth,
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?450105C4.9050300>