Just to verify as not mentioned in the security advisory, if you are using both the BIND and OPENSSL ports with the REPLACE_BASE directive, these don't apply correct? -Peter