Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl

---

• From: Doug Barton <dougb@xxxxxxxxxxx>
• Date: Wed, 07 Jan 2009 23:21:14 -0800

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

matt donovan wrote:

On Wed, Jan 7, 2009 at 5:49 PM, Matthew Seaman <
m.seaman@xxxxxxxxxxxxxxxxxxxxxx> wrote:

The oCert advisory at http://ocert.org/advisories/ocert-2008-016.html
lists BIND and NTP as affected packages. Don't the base system versions
of those apps also need patching?

I was told they don't but I believe they do since it's the code inside of
ntp and bind don't check the return code correctly from what I can tell for
the OpenSSL EVP API

Please see: https://www.isc.org/node/373

Unless you are using DNSSEC to verify signatures you're not vulnerable
at all.

As usual for non-critical upgrades I will upgrade the ports first so
that those that need the new version(s) can easily get to them in a
hurry, then upgrade the base(s) over the next day or two.

hth,

Doug

- --

This .signature sanitized for your protection

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)

iEYEAREDAAYFAkllqWoACgkQyIakK9Wy8PsIgACg1+vOtfCdZcw2Wirybm4lLpWD
VUEAnisZEkFBM4I3+8YmLp97Y/z/i8OG
=Uelm
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

---

• References:
  • FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
    • From: FreeBSD Security Advisories
  • Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
    • From: Matthew Seaman
  • Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
    • From: matt donovan

• Prev by Date: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
• Next by Date: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
• Previous by thread: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
• Next by thread: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: EyeTV 3 is out.... ... it's a bit like an Office/Win "upgrade". ... I was discounting the £15 that tvtv would have cost me. ... getting the new schedule or EyeTV not checking with tvtv more than ... I don't have an option for NTP clock setting. ... (uk.comp.sys.mac) Re: Ntp in sid doing strange things? ... I upgrade every day, and had a fresh reboot 3 days ago. ... Ntp is working fine ... clocks in the machines' CPU, ... "One disk to rule them all, ... (Debian-User) GCC-4.2.3 Compiler Error in NTP-4.2.2p4 ... I tried to upgrade my ntp version running on a FreeBSD 6.3-STABLE ... *** Error code 1 ... PGP KeyID = 0x5F22FDC1 ... (comp.protocols.time.ntp) How do you back up a Signaling Server? ... We recently upgraded our Signaling Server from 2.11.03 to 2.11.14. ... Durring the upgrade process it says in the 4.5 NTP to perform a back up ... (comp.dcom.sys.nortel)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2009-01