[nycbug-talk] BIND vulnerability
Dan Langille
dan at langille.org
Wed Jul 9 07:26:27 EDT 2008
On Jul 8, 2008, at 10:30 PM, Charles Sprickman wrote:
> Just in case you haven't seen this elsewhere yet:
>
> http://www.kb.cert.org/vuls/id/800113
> http://www.kb.cert.org/vuls/id/MIMG-7ECL7M
>
> I wonder if that "notification date" for FreeBSD is to be believed?
For the benefit of those reading mail offline, the date in the URL is
5 May 2008.
Why would you not believe it? You think they're lying?
> There's currently no updates to the ports. I run 9.3.5 and was
> able to
> build the patched version within ports by doing the following:
>
> -editing the distinfo file like so:
>
> MD5 (bind-9.3.5-P1.tar.gz) = 1446984f552b18a0ff7db63971a0cb5a
> SHA256 (bind-9.3.5-P1.tar.gz) =
> 8bd6b53f5a2c5f0332aaba9a51ef3d7fc55c60f906f0c506
> e11b6600ed82a90b
> SIZE (bind-9.3.5-P1.tar.gz) = 5626167
> MD5 (bind-9.3.5-P1.tar.gz.asc) = 3680754939a9af0b1f6bb733a3a8fb3b
> SHA256 (bind-9.3.5-P1.tar.gz.asc) =
> cf312c8a4c2cf1c07a473d2ff6db597a0677c5f8a79b
> 4e7d3f7333663a862a5c
> SIZE (bind-9.3.5-P1.tar.gz.asc) = 479
>
> -editing the port Makefile to reflect the new filename:
>
> # ISC releases things like 9.3.0rc1, which our versioning doesn't like
> ISCVERSION= 9.3.5-P1
>
> Built clean on 6.3, running it for about an hour now.
Please submit a patch.
--
Dan Langille -- http://www.langille.org/
More information about the talk
mailing list