Date: Sat, 17 Apr 2010 09:01:13 -0700 (PDT) From: Tim Gustafson <tjg@soe.ucsc.edu> To: APseudoUtopia <apseudoutopia@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: OpenSSL 0.9.8k -> 0.9.8l Message-ID: <1576323409.700861271520073086.JavaMail.root@mail-01.cse.ucsc.edu> In-Reply-To: <v2x27ade5281004170812s6250d4acke6c7059c752d9456@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> This isn't an answer to your question, but you could > always use OpenSSL from the ports tree. I'm hesitant to do so because in the past I've had problem when I've used the ports to upgrade base OS-level stuff, like OpenSSL or Sendmail, then the buildworld cycle overwrites the ports library and the ports library overwrites the OS-level stuff and so on, which in the past has caused general mayhem. It seems to me that the exploits purported to exist in 0.9.8k are serious enough to merit an upgrade to 0.9.8l for everyone. Is there a reason why you wouldn't want to upgrade to 0.9.8l? Tim Gustafson Baskin School of Engineering UC Santa Cruz tjg@soe.ucsc.edu 831-459-5354
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1576323409.700861271520073086.JavaMail.root>