Date: Fri, 05 Feb 2021 22:00:36 -0600 From: Greg Rivers <gcr+freebsd-ports@tharned.org> To: bob prohaska <fbsd@www.zefox.net> Cc: freebsd-ports@freebsd.org Subject: Re: Bind9 security upgrade Message-ID: <2424596.iFQSR7Lh2p@no.place.like.home> In-Reply-To: <20210206011026.GA11620@www.zefox.net> References: <20210206011026.GA11620@www.zefox.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday, 5 February 2021 19:10:26 CST bob prohaska wrote: > What's the appropriate port of bind for use at present? > It appears 9.16.1 is subject to a DOS attack, to which I > seem to have fallen victim: > https://kb.isc.org/docs/cve-2020-8617 > > There's a port called bind9.16.11, which is compiling now, > but it's unclear if that's adequately patched. The CVE > calls for 9.16.3 as the fixed version. > I think that means >= 9.16.3. But 9.16.3 is pretty old by now, and many other bugs have since been fixed. You definitely want to track the current stable release, which is 9.16.11 at present. -- Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2424596.iFQSR7Lh2p>