Date: Sun, 6 Jun 2010 12:40:10 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: freebsd-security@FreeBSD.org Subject: FreeBSD OpenSSL and CVE-2010-0742 Message-ID: <20100606104010.GA2923@arthur.nitro.dk>
next in thread | raw e-mail | index | archive | help
--IS0zKkzwUGydFO0o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey, Just FYI for anybody who might need it. FreeBSD isn't affected by the latest OpenSSL security issues. The issue with the name CVE-2010-1633 isn't relevant as FreeBSD does not yet have OpenSSL 1.0 imported. For CVE-2010-0742 the affected 'CMS' module is not enabled in FreeBSD. References: http://www.openssl.org/news/secadv_20100601.txt http://svn.freebsd.org/viewvc/base/stable/8/secure/lib/libcrypto/Makefile?a= nnotate=3D196045#l329 --=20 Simon L. Nielsen Hat: OpenSSL maintainer --IS0zKkzwUGydFO0o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (FreeBSD) iD8DBQFMC3sJBJx0gP90kKsRAsDyAKCEEmbq3LR9e0iIUsOvO3qFkV2kkgCeNpaV ybpL1yZjukv+dzoL66xP0qE= =5zP2 -----END PGP SIGNATURE----- --IS0zKkzwUGydFO0o--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100606104010.GA2923>