Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- From: Colin Percival <cperciva@xxxxxxxxxxx>
- Date: Wed, 06 Sep 2006 16:47:43 -0700
Peter Thoenen wrote:
Just to verify as not mentioned in the security advisory, if you are
using both the BIND and OPENSSL ports with the REPLACE_BASE directive,
these don't apply correct?
I don't know enough of what the ports do to be certain about the answer
to that question, but here are the files in the FreeBSD 6.x base system
which are affected by these security advisories:
/lib/libcrypto.so.4
/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/openssl
/usr/lib/libcrypto.a
/usr/lib/libssl.so.4
/usr/sbin/dnssec-keygen
/usr/sbin/dnssec-signzone
/usr/sbin/lwresd
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/named
/usr/sbin/rndc-confgen
/usr/lib/libcrypto_p.a
If the ports replace all of those files, you should be safe (at least
on FreeBSD 6.x -- I can give you a list of files modified on FreeBSD
5.x and 4.11 once those FreeBSD Update builds finish).
Colin Percival
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- From: Colin Percival
- Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- References:
- Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- From: Peter Thoenen
- Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- Prev by Date: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-06:19.openssl
- Next by Date: Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- Previous by thread: Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- Next by thread: Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- Index(es):
Relevant Pages
|
|
