Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind



I wrote:
I don't know enough of what the ports do to be certain about the answer
to that question, but here are the files in the FreeBSD 6.x base system
which are affected by these security advisories:
...
If the ports replace all of those files, you should be safe (at least
on FreeBSD 6.x -- I can give you a list of files modified on FreeBSD
5.x and 4.11 once those FreeBSD Update builds finish).

Err, and by "you should be safe" I mean "if you've installed an updated
copy of the two ports you should be safe". Obviously the ports had the
same security problems as the base system code.

Colin Percival
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages

  • Re: New to FreeBSD - Some questions
    ... q) Is it possible to run a FreeBSD system without much building? ... you can run both the operating system and the ports from prebuilt binaries. ... q) I would assume UFS with J+SU is "fast enough" for a laptop? ... I installed the base system into Virtualbox and everything works quite ...
    (freebsd-questions)
  • Re: FreeBSD problems and preliminary ways to solve
    ... that they begin migration from FreeBSD to Debian/Ubuntu. ... inadequate package manager and huge monolithic base system ... I'll accept that the package management could be better and the base ... ports' maintainers to do this - the FreeBSD project just hosts the ...
    (freebsd-arch)
  • Re: Added native socks support to libc in FreeBSD 7
    ... As far as putting the code in the base FreeBSD, ... Continue to adhere to RFCs and grow your user base, ... For things to go into the base system ... ... (which you can gain by getting a large user base in ports). ...
    (freebsd-net)
  • [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:12.openssh
    ... Category: core, ports ... OpenSSH is a free version of the SSH protocol suite of network ... to be exploitable for code execution on FreeBSD. ... Disable the base system sshd by executing the following command as ...
    (freebsd-announce)
  • [Full-Disclosure] FreeBSD Security Advisory FreeBSD-SA-03:12.openssh
    ... Category: core, ports ... OpenSSH is a free version of the SSH protocol suite of network ... to be exploitable for code execution on FreeBSD. ... Disable the base system sshd by executing the following command as ...
    (Full-Disclosure)