Date: Mon, 29 Jan 2001 17:34:30 -0800 From: Michael Bryan <fbsd-secure@ursine.com> To: freebsd-security@FreeBSD.ORG Cc: Matt Dillon <dillon@earth.backplane.com> Subject: Re: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSDImplications ? Message-ID: <3A761A26.4F520934@ursine.com> References: <Pine.BSF.4.21.0101291957200.18160-100000@andromeda.frogtongue.com> <200101300108.f0U18MO81199@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Matt Dillon wrote: > > Ok, I'm really confused now. I am currently running 8.2.3-T6B. > > Do I need to upgrade or am I ok? You need to upgrade. The ISC web site has a good list of all known BIND vulnerabilities and which versions are affected for each one: http://www.isc.org/products/BIND/bind-security.html In particular, the info on the "TSIG" vulnerability says that all beta versions of 8.2.3 are vulnerable. Since 8.2.3-T6B is a beta version, it is therefore vulnerable. > If I need to upgrade, is the patch > in the tree now or do I need to wait? I believe the latest message from Kris was that 4.x-STABLE has the updated BIND integrated, and 3.x-STABLE should be updated by tomorrow. If you update via the bind8 port instead, it has also been updated for 8.2.3. The bind8 port puts files in a different location than the BIND files from the base system install, so be careful if you do that, especially making sure your /etc/rc.conf will start the correct version. The prebuilt packages directory at freebsd.org still had just 8.2.2-p7, as far as I could tell, but that will presumably change over the next day or two. Or you -could- just download 8.2.3 directly from ISC (www.isc.org), and install it that way. Some files might end up in slightly different directories, but I believe that's the only impact you'll see (although somebody is sure to pipe up if I'm wrong on that one.) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A761A26.4F520934>