From owner-freebsd-security@FreeBSD.ORG  Wed Sep  6 23:54:29 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C75D216A4ED
	for <freebsd-security@freebsd.org>;
	Wed,  6 Sep 2006 23:54:29 +0000 (UTC)
	(envelope-from cperciva@freebsd.org)
Received: from pd5mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net
	[24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id D83B743D46
	for <freebsd-security@freebsd.org>;
	Wed,  6 Sep 2006 23:54:25 +0000 (GMT)
	(envelope-from cperciva@freebsd.org)
Received: from pd3mr1so.prod.shaw.ca
	(pd3mr1so-qfe3.prod.shaw.ca [10.0.141.177]) by l-daemon
	(Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004))
	with ESMTP id <0J5700DNW3NUHFC0@l-daemon> for
	freebsd-security@freebsd.org; Wed, 06 Sep 2006 17:52:42 -0600 (MDT)
Received: from pn2ml10so.prod.shaw.ca ([10.0.121.80])
	by pd3mr1so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01
	(built Mar
	15 2004)) with ESMTP id <0J5700DYJ3NUX330@pd3mr1so.prod.shaw.ca> for
	freebsd-security@freebsd.org; Wed, 06 Sep 2006 17:52:42 -0600 (MDT)
Received: from hexahedron.daemonology.net ([24.82.18.31])
	by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15
	2004)) with SMTP id <0J57003TC3NTH7X0@l-daemon> for
	freebsd-security@freebsd.org; Wed, 06 Sep 2006 17:52:42 -0600 (MDT)
Received: (qmail 87136 invoked from network); Wed, 06 Sep 2006 23:52:38 +0000
Received: from unknown (HELO ?127.0.0.1?) (127.0.0.1)
	by localhost with SMTP; Wed, 06 Sep 2006 23:52:38 +0000
Date: Wed, 06 Sep 2006 16:52:37 -0700
From: Colin Percival <cperciva@freebsd.org>
In-reply-to: <44FF5E1F.2080607@freebsd.org>
To: Colin Percival <cperciva@freebsd.org>, eol1@yahoo.com
Message-id: <44FF5F45.5020901@freebsd.org>
MIME-version: 1.0
Content-type: text/plain; charset=ISO-8859-1
Content-transfer-encoding: 7bit
X-Enigmail-Version: 0.94.0.0
References: <20060906230642.39757.qmail@web51909.mail.yahoo.com>
	<44FF5E1F.2080607@freebsd.org>
User-Agent: Thunderbird 1.5 (X11/20060416)
Cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Sep 2006 23:54:29 -0000

I wrote:
> I don't know enough of what the ports do to be certain about the answer
> to that question, but here are the files in the FreeBSD 6.x base system
> which are affected by these security advisories:
> ...
> If the ports replace all of those files, you should be safe (at least
> on FreeBSD 6.x -- I can give you a list of files modified on FreeBSD
> 5.x and 4.11 once those FreeBSD Update builds finish).

Err, and by "you should be safe" I mean "if you've installed an updated
copy of the two ports you should be safe".  Obviously the ports had the
same security problems as the base system code.

Colin Percival