bind94 security update (UNOFFICIAL)

Hi,

        For anyone looking to update the bind94 port due to the recent
frenzy, you can :

1) Update the Makefile :

>From : PORTREVISION=   1
To   : PORTREVISION=   2

>From : ISCVERSION=     9.4.2
To   : ISCVERSION=     9.4.2-P1

2) Drop this into distinfo :

MD5 (bind-9.4.2-P1.tar.gz) = 87b80edd9872cb017053866c81ca9be8
SHA256 (bind-9.4.2-P1.tar.gz) = eeeb8f89fe6d88b250ad85ee21cfde6f8ac6f425c70c6705352b3fa8c4c4ee84
SIZE (bind-9.4.2-P1.tar.gz) = 6451654
MD5 (bind-9.4.2-P1.tar.gz.asc) = 72310b7045d9806b913835c55ba5388b
SHA256 (bind-9.4.2-P1.tar.gz.asc) = c84b6446416ff1096ec5bfb1c731d31f984b312b45a3d2064a922a6b50b6162d
SIZE (bind-9.4.2-P1.tar.gz.asc) = 479


        THIS IS NOT THE OFFICIAL FREEBSD PORTS UPGRADE PATH OR MAINTAINER...
This is a stop gap until "MAINTAINER=     [hidden email]" does it officially.
I have not contacted him about it yet admittedly.  I have tested this on a 4.10,
5.5, and 7.0 system and it works fine.

                Tuc
_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"

For those like me who don't know any better. How can I confirm your  
suggestion will not be introducing addition problems or people into  
the equation?

Thanks,
David


Quoting "Tuc at T-B-O-H.NET" <[hidden email]>:



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"

because the source download comes from ISC, he is correct in the proceedure,
and I trust him :)

On Thu, Jul 10, 2008 at 12:29 AM, David Alanis <[hidden email]> wrote:
_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"

David,

        You are very wise to ask....

        If you look at the changes, there are NO changes to what FTP
site the binary is picked up from, there are NO additional files inserting
patches, etc. I have only changed the PORTREVISION so that portupgrade and
the likes will notice it, and the distinfo since there is a new binary
and asc. If you check the make, it actually uses the ".asc" file to verify
the contents.

        Had I added any FTP/HTTP sites, additional patches, etc I wouldn't
have even published this. But in my opinion, since I only bump the revision
and give new checksums for files that are taken off a previous distribution
site, I don't feel people are in danger of taking them over.

        As dougb says, its just as easy to officially D/L it from the
source site and compile by hand. I was just doing this in the hopes that
people wanted a "make;make install" or "portupgrade ..." could have it
quickly.


                Tuc
_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"

Hi,

        But Dingo, can YOU be trusted to trust me? ;)


        BTW: There are 2 ways to tell if your DNS is vulnerable :

1) I PREFER the command line written by Michael C. Toren :

http://michael.toren.net/code/noclicky/

Though you need per, Net::DNS and LWP.

2) If you can use a GUI browser on the machine you have DNS itself
running on :

http://www.doxpara.com/


        NEITHER site is mine.

                        Tuc
_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"

Good Day,

I suppose now I am paying for questioning TUC's credibility huh?!?!? (jk)

In the process of building an older server running 7.0-RELEASE  
:/usr/obj/usr/src/sys/SERVER  i386 on a HP Proliant D380 G3 (CPU:  
Intel(R) Xeon(TM) CPU 2.40GHz (2387.05-MHz 686-class CPU). After some  
research I come to find out having RAM over 4 gigs can have side  
effects and I will need to compile PAE with the kernel (this is a  
given). I've also come to find my set up can only handle up to 6 gigs  
of RAM and it's currently at 5.

However, when I compile PAE on this machine the kernel build crashes  
with the following:

n -fformat-extensions -c /usr/src/sys/modules/rum/../../dev/usb/if_rum.c
ld  -d -warn-common -r -d -o if_rum.kld if_rum.o
:> export_syms
awk -f /usr/src/sys/modules/rum/../../conf/kmod_syms.awk if_rum.kld  
export_syms | xarg                          s -J% objcopy % if_rum.kld
ld -Bshareable  -d -warn-common -o if_rum.ko.debug if_rum.kld
objcopy --only-keep-debug if_rum.ko.debug if_rum.ko.symbols
objcopy --strip-debug --add-gnu-debuglink=if_rum.ko.symbols  
if_rum.ko.debug if_rum.ko
===> s3 (all)
/usr/local/libexec/ccache/world-cc -O2 -fno-strict-aliasing -pipe  
-D_KERNEL -DKLD_MODU                          LE -std=c99 -nostdinc    
-DHAVE_KERNEL_OPTION_HEADERS -include /usr/obj/usr/src/sys/SERV        
                   ER/opt_global.h -I. -I@ -I@/contrib/altq  
-finline-limit=8000 --param inline-unit-growth                          
  =100 --param large-function-growth=1000 -fno-common -g  
-I/usr/obj/usr/src/sys/SERVER -m                          
no-align-long-strings -mpreferred-stack-boundary=2  -mno-mmx  
-mno-3dnow -mno-sse -mno-s                          se2 -mno-sse3  
-ffreestanding -Wall -Wredundant-decls -Wnested-externs  
-Wstrict-prototyp                          es  -Wmissing-prototypes  
-Wpointer-arith -Winline -Wcast-qual  -Wundef -Wno-pointer-sig          
                  n -fformat-extensions -c  
/usr/src/sys/modules/s3/../../dev/fb/s3_pci.c
/usr/src/sys/modules/s3/../../dev/fb/s3_pci.c:394: error: conflicting  
types for 's3lfb_                          mmap'
/usr/src/sys/modules/s3/../../dev/fb/s3_pci.c:116: error: previous  
declaration of 's3lf                          b_mmap' was here
/usr/src/sys/modules/s3/../../dev/fb/s3_pci.c: In function 's3lfb_mmap':
/usr/src/sys/modules/s3/../../dev/fb/s3_pci.c:395: warning: passing  
argument 3 of 'prev                          vidsw->mmap' from  
incompatible pointer type
*** Error code 1

Stop in /usr/src/sys/modules/s3.
*** Error code 1

Stop in /usr/src/sys/modules.
*** Error code 1

Stop in /usr/obj/usr/src/sys/SERVER.
*** Error code 1

Stop in /usr/src.
*** Error code 1

Stop in /usr/src.

I have a messy make.conf but I don't think this would be the issue  
hence it's worked on different servers tweak to fit them ofcourse:

#CPUTYPE?=athlon-xp
CFLAGS= -O2 -fno-strict-aliasing -pipe
MAKE_SHELL?=sh
COPTFLAGS= -O -pipe
KERNCONF=SERVER

The only hit I get on google is this which really does not solve my  
issue or I am not reading this correctly?

http://www.bsdforums.org/forums/archive/index.php/t-34088.html

Does anyone have any experience with this that can help?

Thank you,

David






----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"