Bind9 security upgrade
Greg Rivers
gcr+freebsd-ports at tharned.org
Sat Feb 6 04:00:45 UTC 2021
On Friday, 5 February 2021 19:10:26 CST bob prohaska wrote:
> What's the appropriate port of bind for use at present?
> It appears 9.16.1 is subject to a DOS attack, to which I
> seem to have fallen victim:
> https://kb.isc.org/docs/cve-2020-8617
>
> There's a port called bind9.16.11, which is compiling now,
> but it's unclear if that's adequately patched. The CVE
> calls for 9.16.3 as the fixed version.
>
I think that means >= 9.16.3. But 9.16.3 is pretty old by now, and many other bugs have since been fixed. You definitely want to track the current stable release, which is 9.16.11 at present.
--
Greg
More information about the freebsd-ports
mailing list