BIND 9 Vulnerabilities Discovered

[mmx]

Hey guys, looks like BIND 9 has a remote vulnerability out. According to the BIND email list, the following versions are affected:

BIND 9.3.0, BIND 9.3.1, BIND 9.3.2, BIND 9.3.3b1 and BIND 9.3.3rc1
BIND 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6 and 9.4.0b1.

How can I update BIND on FreeBSD 5.5? as I don't see it on the Ports system. I currently have 9.3.2.

EDIT: Will this switchover work flawlessly? http://www.zytrax.com/books/dns/ch5/

 

[Chrysalis]

you need to wait, I expect a advisory will be released to patch the BIND in the base system, the port will be updated seperatly.

 

[HH-Steve]

Just do the usual cvsup, build kernel/world etc... as the source is now corrected.

Steve

 

[bigboy]

need how to updateb for freeBSD 5.4-5.5

 

[Chrysalis]

advisory is out now, cvsup build/installworld will do job although its not necessary. The bind files can be compiled seperatly patched and applied without reboot.

 

[bigboy]

need how to Step by step

 

[h2d]

update your ports system
i suggest using


portsnap fetch
portsnap extract
portnsap update
cd /usr/ports/dns/bind9
make && make install && make clean

make sure you select the option to install the base system only

 

[bigboy]

cd /usr/ports/dns/bind9
make && make install && make clean

Options for bind9 9.3.2.1

this option must select option?

[ ] REPLACE_BASE Replace base BIND wit this version
[ ] THREADS compile wit thread support(Not recommended)

 

[h2d]

select the first option only