OpenSSL warning from dns/bind95 build...?

Hi, all--

Apropos of this security issue with BIND, I just tried updating a FreeBSD-6.3-STABLE system with dns/bind95, and it loudly complains about the OpenSSL version which comes with the system:

[ ... ]
config.status: creating include/isc/platform.h
config.status: creating config.h
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
WARNING WARNING
WARNING Your OpenSSL crypto library may be vulnerable to WARNING
WARNING one or more of the the following known security WARNING
WARNING flaws: WARNING
WARNING WARNING
WARNING CAN-2002-0659, CAN-2006-4339, CVE-2006-2937 and WARNING
WARNING CVE-2006-2940. WARNING
WARNING WARNING
WARNING It is recommended that you upgrade to OpenSSL WARNING
WARNING version 0.9.8d/0.9.7l (or greater). WARNING
WARNING WARNING
WARNING You can disable this warning by specifying: WARNING
WARNING WARNING
WARNING --disable-openssl-version-check WARNING
WARNING WARNING
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
===> Building for bind95-base-9.5.0.1

Is the version of OpenSSL now included with RELENG_6 (OpenSSL 0.9.7e- p1) OK, or is it at risk as reported?

Regards,
--
-Chuck

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"