From owner-freebsd-security@FreeBSD.ORG  Fri Jul 11 21:23:22 2008
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4721E106566B
	for <freebsd-security@freebsd.org>;
	Fri, 11 Jul 2008 21:23:22 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from mail2.fluidhosting.com (mx23.fluidhosting.com [204.14.89.6])
	by mx1.freebsd.org (Postfix) with ESMTP id E23208FC0C
	for <freebsd-security@freebsd.org>;
	Fri, 11 Jul 2008 21:23:21 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: (qmail 19257 invoked by uid 399); 11 Jul 2008 21:23:21 -0000
Received: from localhost (HELO lap.dougb.net) (dougb@dougbarton.us@127.0.0.1)
	by localhost with ESMTPAM; 11 Jul 2008 21:23:21 -0000
X-Originating-IP: 127.0.0.1
X-Sender: dougb@dougbarton.us
Message-ID: <4877CF47.2080208@FreeBSD.org>
Date: Fri, 11 Jul 2008 14:23:19 -0700
From: Doug Barton <dougb@FreeBSD.org>
Organization: http://www.FreeBSD.org/
User-Agent: Thunderbird 2.0.0.14 (X11/20080606)
MIME-Version: 1.0
To: Chuck Swiger <cswiger@mac.com>
References: <DEB25E89-7447-4EA0-8800-23897C593756@mac.com>
In-Reply-To: <DEB25E89-7447-4EA0-8800-23897C593756@mac.com>
X-Enigmail-Version: 0.95.6
OpenPGP: id=D5B2F0FB
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-security@freebsd.org
Subject: Re: OpenSSL warning from dns/bind95 build...?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jul 2008 21:23:22 -0000

Chuck Swiger wrote:
> Hi, all--
> 
> Apropos of this security issue with BIND, I just tried updating a 
> FreeBSD-6.3-STABLE system with dns/bind95, and it loudly complains about 
> the OpenSSL version which comes with the system:
[snip]
> Is the version of OpenSSL now included with RELENG_6 (OpenSSL 0.9.7e-p1) 
> OK, or is it at risk as reported?

You're better off upgrading using the version in 
ports/security/openssl and adding WITH_OPENSSL_PORT to /etc/make.conf.

hth,

Doug

-- 

     This .signature sanitized for your protection