Date: Sun, 30 Jun 2002 19:24:40 +0200 From: Alessandro de Manzano <adm@unixmania.net> To: Doug Barton <DougB@FreeBSD.org> Cc: John Long <fbsd1@sstec.com>, security@FreeBSD.org Subject: Re: named 8.3.2-T1B vulnerable? Message-ID: <20020630192440.A18140@libero.sunshine.ale> In-Reply-To: <20020629170827.K5428-100000@master.gorean.org>; from DougB@FreeBSD.org on Sat, Jun 29, 2002 at 05:15:42PM -0700 References: <5.1.0.14.2.20020629142257.0221e050@mail.sstec.com> <20020629170827.K5428-100000@master.gorean.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 29, 2002 at 05:15:42PM -0700, Doug Barton wrote: Hi! > should be using 8.3.3 if you're using BIND 8. You can build the bind8 port > with: > > make clean ; make -DPORT_REPLACES_BASE_BIND8 install > > and it will update the version of BIND on your system. You could also > leave off the flag if you'd rather have the new bind in /usr/local, but > 8.3.2-T1B had some icky bugs so I recommend just writing over it to be > safe. I've a question about replacing with PORT_REPLACES_BASE_BIND8. If today I install BIND 8.3.3 from the port with that option it will overwrite the system one but next time I'll do a buildworld / installworld I'll get again 8.3.2-T1B or whatever RELENG_4(_6) will have that time.. right ? More, I'll get an entry in the installed packages database for BIND 8.3.3 that is "dangerous", since if I'll ever pkg_delete it I'll lost the real/overwritten BIND... Is possible to "make install" it without making an entry in pkgdb ? > to RELENG_4. I doubt that the security officer team will want to import > BIND 8.3.3 into any of the RELENG_4_x branches. The port will do the same I'll hope yes, since the security fixes are important, IMHO... Thanks in advance ! -- bye! Ale To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020630192440.A18140>