From owner-freebsd-ports Thu Nov 11 1:53:45 1999 Delivered-To: freebsd-ports@freebsd.org Received: from s01.arpa-canada.net (s01.arpa-canada.net [209.104.122.2]) by hub.freebsd.org (Postfix) with ESMTP id 15A4614C8E; Thu, 11 Nov 1999 01:53:42 -0800 (PST) (envelope-from matt@BabCom.ORG) Received: by s01.arpa-canada.net (Postfix, from userid 1001) id A152DB885; Thu, 11 Nov 1999 04:53:41 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by s01.arpa-canada.net (Postfix) with ESMTP id 99ACCE; Thu, 11 Nov 1999 04:53:41 -0500 (EST) Date: Thu, 11 Nov 1999 04:53:41 -0500 (EST) From: matt X-Sender: matt@s01.arpa-canada.net To: jseger@FreeBSD.org Cc: ports@FreeBSD.ORG Subject: Patch to ports for BIND NXT Bug Vulnerability Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-377638241-942314021=:49074" Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-377638241-942314021=:49074 Content-Type: TEXT/PLAIN; charset=US-ASCII Hello, The attached diff should be applied to /usr/ports/net/bind8, all it does is update the information needed to get 8.2.2-P3, this part of the work was done by another person on -security, I feel horrible about not having his e-mail so I can supply you his name. I tried the archives, but it was too recent of a post to be there yet. My apologies in advance to this person. Part 2 of this upgrade, was to add the patchfile "patch4" from isc.org which is needed for bind 8.2.2-P3 to correctly do zone transfers, this is a very important patch to apply. This part, was done by me. (I'm laying this out so as not to take credit for work I did not do, hopefully, the author of the first patch, will contact me or the list) With the possible critical security hole in previous versions of bind, this is, what I would consider, a critical fix. It is only a matter of time until the script kiddies have exploits to root you with, assuming that bind does not run in the sandbox as another user like it should. I figure, that if this gets spread around fast enough, the FreeBSD community just might be safe from those triple damned script kiddies. Regards, Matt -- "If the primates that we came from had known that someday politicians would come out of the...the gene pool, they'd a stayed up in the trees and written evolution off as a bad idea. Hell, I always thought the opposable thumb was overrated." -Sheridan, "A Distant Star" --0-377638241-942314021=:49074 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="port-bind8.diff" Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: attachment; filename="port-bind8.diff" ZGlmZiAtdXIgYmluZDgub3JpZy9NYWtlZmlsZSBiaW5kOC9NYWtlZmlsZQ0K LS0tIGJpbmQ4Lm9yaWcvTWFrZWZpbGUJTW9uIEF1ZyAzMCAxMDoyMjowOSAx OTk5DQorKysgYmluZDgvTWFrZWZpbGUJVGh1IE5vdiAxMSAwNDo0MDo0MSAx OTk5DQpAQCAtMSwxNSArMSwxOCBAQA0KICMgTmV3IHBvcnRzIGNvbGxlY3Rp b24gbWFrZWZpbGUgZm9yOgliaW5kDQotIyBWZXJzaW9uIHJlcXVpcmVkOgk4 LjIuMQ0KKyMgVmVyc2lvbiByZXF1aXJlZDoJOC4yLjItUDMNCiAjIERhdGUg Y3JlYXRlZDoJCTE4IEp1bHkgMTk5Nw0KICMgV2hvbToJCQlqc2VnZXJAc2Nk cy5jb20NCiAjDQogIyAkRnJlZUJTRDogcG9ydHMvbmV0L2JpbmQ4L01ha2Vm aWxlLHYgMS4xNCAxOTk5LzA4LzMwIDE0OjIyOjA5IHBldGVyIEV4cCAkDQog Iw0KIA0KLURJU1ROQU1FPQliaW5kLTguMi4xDQorRElTVE5BTUU9CWJpbmQt OC4yLjItUDMNCiBDQVRFR09SSUVTPQluZXQNCi1NQVNURVJfU0lURVM9CWZ0 cDovL2Z0cC5pc2Mub3JnL2lzYy9iaW5kL3NyYy84LjIuMS8NCitNQVNURVJf U0lURVM9CWZ0cDovL2Z0cC5pc2Mub3JnL2lzYy9iaW5kL3NyYy84LjIuMi1Q My8NCiBESVNURklMRVM9CWJpbmQtc3JjLnRhci5neiBiaW5kLWRvYy50YXIu Z3oNCisNCitQQVRDSF9TSVRFUz0gICAgZnRwOi8vZnRwLmlzYy5vcmcvaXNj L2JpbmQvc3JjLzguMi4yLVAzLyAgICAgICAgDQorUEFUQ0hGSUxFUz0gICAg IHBhdGNoNCAgICAgICAgICAgICAgICAgICAgICAgICANCiANCiBNQUlOVEFJ TkVSPQlqc2VnZXJARnJlZUJTRC5vcmcNCiANCmRpZmYgLXVyIGJpbmQ4Lm9y aWcvZmlsZXMvbWQ1IGJpbmQ4L2ZpbGVzL21kNQ0KLS0tIGJpbmQ4Lm9yaWcv ZmlsZXMvbWQ1CVN1biBBdWcgIDggMTQ6MDM6NDYgMTk5OQ0KKysrIGJpbmQ4 L2ZpbGVzL21kNQlUaHUgTm92IDExIDA0OjM5OjU3IDE5OTkNCkBAIC0xLDIg KzEsMyBAQA0KLU1ENSAoYmluZC1zcmMudGFyLmd6KSA9IDQ0OWNhZDljODNk MzFjMjgxNzlkM2ZhOWRhYmQzYTM4DQotTUQ1IChiaW5kLWRvYy50YXIuZ3op ID0gNTJiYTE2NDkwNmY4Y2I1ZDBmZTFkMDZjZWI1YWM1ZGINCitNRDUgKGJp bmQtc3JjLnRhci5neikgPSBjNzgyYWYxYTgwNThkNmQyZDNjOTVjMTM4NWE1 YzhjMA0KK01ENSAoYmluZC1kb2MudGFyLmd6KSA9IDQyMDI1YWI0YmVkMGYx M2FiNjEyZWM1OTg0YWJlMmYwDQorTUQ1IChwYXRjaDQpID0gYjliMDVkY2E0 YjU5MWFkNzNiMTdmNzI2MmFmYTY2MzYNCg== --0-377638241-942314021=:49074-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message