Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind
Peter Thoenen wrote:
> Just to verify as not mentioned in the security advisory, if you are
> using both the BIND and OPENSSL ports with the REPLACE_BASE directive,
> these don't apply correct?
Assuming you've updated to the 9.3.2-P1 version (ports version 9.3.2.1) of
BIND 9, then yes for the BIND part of the advisory. The BIND ports with
REPLACE_BASE will overwrite all the system binaries, and actually install a
couple things that the base doesn't (not that I'd expect anyone would need
or want them, I just don't like to muck with the ports more than absolutely
necessary).
For completeness sake, I should note that what I said up there is not 100%
accurate in the case where you have BIND 8 in the base (such as in
RELENG_4), and try to replace it with BIND 9, or vice versa. In that case,
you're better off first doing a build/installworld with the NO_BIND option
set in make.conf, removing all the old binaries, libs, and includes; and
then installing the port.
hth,
Doug
--
This .signature sanitized for your protection
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 6 之 6 篇):