OpenSSL warning from dns/bind95 build...?

Chuck Swiger Fri, 11 Jul 2008 13:31:14 -0700

Hi, all--

Apropos of this security issue with BIND, I just tried updating aFreeBSD-6.3-STABLE system with dns/bind95, and it loudly complainsabout the OpenSSL version which comes with the system:

[ ... ]
config.status: creating include/isc/platform.h
config.status: creating config.h
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNINGWARNING WARNINGWARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNINGWARNING WARNINGWARNINGWARNINGWARNING Your OpenSSL crypto library may be vulnerableto WARNINGWARNING one or more of the the following knownsecurity WARNINGWARNINGflaws: WARNINGWARNINGWARNINGWARNING CAN-2002-0659, CAN-2006-4339, CVE-2006-2937and WARNINGWARNINGCVE-2006-2940. WARNINGWARNINGWARNINGWARNING It is recommended that you upgrade toOpenSSL WARNINGWARNING version 0.9.8d/0.9.7l (orgreater). WARNINGWARNINGWARNINGWARNING You can disable this warning byspecifying: WARNINGWARNINGWARNINGWARNING --disable-openssl-version-checkWARNINGWARNINGWARNINGWARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNINGWARNING WARNINGWARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNINGWARNING WARNING
===>  Building for bind95-base-9.5.0.1

Is the version of OpenSSL now included with RELENG_6 (OpenSSL 0.9.7e-p1) OK, or is it at risk as reported?


Regards,
--
-Chuck

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

OpenSSL warning from dns/bind95 build...?

Reply via email to