Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl

Hash: RIPEMD160

matt donovan wrote:
On Wed, Jan 7, 2009 at 5:49 PM, Matthew Seaman <
m.seaman@xxxxxxxxxxxxxxxxxxxxxx> wrote:
The oCert advisory at
lists BIND and NTP as affected packages. Don't the base system versions
of those apps also need patching?
I was told they don't but I believe they do since it's the code inside of
ntp and bind don't check the return code correctly from what I can tell for

Please see:

Unless you are using DNSSEC to verify signatures you're not vulnerable
at all.

As usual for non-critical upgrades I will upgrade the ports first so
that those that need the new version(s) can easily get to them in a
hurry, then upgrade the base(s) over the next day or two.



- --

This .signature sanitized for your protection

Version: GnuPG v2.0.9 (FreeBSD)

freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: EyeTV 3 is out....
    ... it's a bit like an Office/Win "upgrade". ... I was discounting the £15 that tvtv would have cost me. ... getting the new schedule or EyeTV not checking with tvtv more than ... I don't have an option for NTP clock setting. ...
  • Re: Ntp in sid doing strange things?
    ... I upgrade every day, and had a fresh reboot 3 days ago. ... Ntp is working fine ... clocks in the machines' CPU, ... "One disk to rule them all, ...
  • Re: ntpd access restrictions: Server allowed works only with ipaddress
    ... not specific to NTP. ... From our own customers I know that many of them keep using e.g. existing/older Linux distros, since basically they work as expected, and they don't always upgrade the whole distro just because a new version is available. ... So I can understand why many people just try to keep working with the latest binary package available for their distro. ...
  • GCC-4.2.3 Compiler Error in NTP-4.2.2p4
    ... I tried to upgrade my ntp version running on a FreeBSD 6.3-STABLE ... *** Error code 1 ... PGP KeyID = 0x5F22FDC1 ...