FreeBSD Security Advisory FreeBSD-SA-06:20.bind
Doug Barton
dougb at FreeBSD.org
Thu Sep 7 22:55:26 PDT 2006
Peter Thoenen wrote:
> Just to verify as not mentioned in the security advisory, if you are
> using both the BIND and OPENSSL ports with the REPLACE_BASE directive,
> these don't apply correct?
Assuming you've updated to the 9.3.2-P1 version (ports version 9.3.2.1) of
BIND 9, then yes for the BIND part of the advisory. The BIND ports with
REPLACE_BASE will overwrite all the system binaries, and actually install a
couple things that the base doesn't (not that I'd expect anyone would need
or want them, I just don't like to muck with the ports more than absolutely
necessary).
For completeness sake, I should note that what I said up there is not 100%
accurate in the case where you have BIND 8 in the base (such as in
RELENG_4), and try to replace it with BIND 9, or vice versa. In that case,
you're better off first doing a build/installworld with the NO_BIND option
set in make.conf, removing all the old binaries, libs, and includes; and
then installing the port.
hth,
Doug
--
This .signature sanitized for your protection
More information about the freebsd-security
mailing list