Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
Peter Thoenen wrote:
> Just to verify as not mentioned in the security advisory, if you are
> using both the BIND and OPENSSL ports with the REPLACE_BASE directive,
> these don't apply correct?
I don't know enough of what the ports do to be certain about the answer
to that question, but here are the files in the FreeBSD 6.x base system
which are affected by these security advisories:
/lib/libcrypto.so.4
/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/openssl
/usr/lib/libcrypto.a
/usr/lib/libssl.so.4
/usr/sbin/dnssec-keygen
/usr/sbin/dnssec-signzone
/usr/sbin/lwresd
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/named
/usr/sbin/rndc-confgen
/usr/lib/libcrypto_p.a
If the ports replace all of those files, you should be safe (at least
on FreeBSD 6.x -- I can give you a list of files modified on FreeBSD
5.x and 4.11 once those FreeBSD Update builds finish).
Colin Percival
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 4 之 6 篇):