From owner-freebsd-security Sun Jun 30 10:24:57 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5530837B401 for ; Sun, 30 Jun 2002 10:24:53 -0700 (PDT) Received: from mail.dada.it (mail4.dada.it [195.110.96.52]) by mx1.FreeBSD.org (Postfix) with SMTP id 3EF9C43E09 for ; Sun, 30 Jun 2002 10:24:51 -0700 (PDT) (envelope-from ale@unixmania.net) Received: (qmail 27429 invoked from network); 30 Jun 2002 17:24:44 -0000 Received: from unknown (HELO libero.sunshine.ale) (195.110.114.252) by mail.dada.it with SMTP; 30 Jun 2002 17:24:44 -0000 Received: by libero.sunshine.ale (Postfix, from userid 1001) id 5A3275F87; Sun, 30 Jun 2002 19:24:40 +0200 (CEST) Date: Sun, 30 Jun 2002 19:24:40 +0200 From: Alessandro de Manzano To: Doug Barton Cc: John Long , security@FreeBSD.org Subject: Re: named 8.3.2-T1B vulnerable? Message-ID: <20020630192440.A18140@libero.sunshine.ale> Reply-To: Alessandro de Manzano References: <5.1.0.14.2.20020629142257.0221e050@mail.sstec.com> <20020629170827.K5428-100000@master.gorean.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020629170827.K5428-100000@master.gorean.org>; from DougB@FreeBSD.org on Sat, Jun 29, 2002 at 05:15:42PM -0700 X-Operating-System: FreeBSD 4.6-STABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Jun 29, 2002 at 05:15:42PM -0700, Doug Barton wrote: Hi! > should be using 8.3.3 if you're using BIND 8. You can build the bind8 port > with: > > make clean ; make -DPORT_REPLACES_BASE_BIND8 install > > and it will update the version of BIND on your system. You could also > leave off the flag if you'd rather have the new bind in /usr/local, but > 8.3.2-T1B had some icky bugs so I recommend just writing over it to be > safe. I've a question about replacing with PORT_REPLACES_BASE_BIND8. If today I install BIND 8.3.3 from the port with that option it will overwrite the system one but next time I'll do a buildworld / installworld I'll get again 8.3.2-T1B or whatever RELENG_4(_6) will have that time.. right ? More, I'll get an entry in the installed packages database for BIND 8.3.3 that is "dangerous", since if I'll ever pkg_delete it I'll lost the real/overwritten BIND... Is possible to "make install" it without making an entry in pkgdb ? > to RELENG_4. I doubt that the security officer team will want to import > BIND 8.3.3 into any of the RELENG_4_x branches. The port will do the same I'll hope yes, since the security fixes are important, IMHO... Thanks in advance ! -- bye! Ale To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message