From owner-freebsd-security@FreeBSD.ORG Tue Apr 8 19:09:21 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ADB431E5 for ; Tue, 8 Apr 2014 19:09:21 +0000 (UTC) Received: from mail-ob0-x22d.google.com (mail-ob0-x22d.google.com [IPv6:2607:f8b0:4003:c01::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 77393173F for ; Tue, 8 Apr 2014 19:09:21 +0000 (UTC) Received: by mail-ob0-f173.google.com with SMTP id gq1so1534419obb.32 for ; Tue, 08 Apr 2014 12:09:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=VIoWTUk0qYk/drJOj5LxxHs1qrFT701OA1p5jBtjBqg=; b=TJ2mRzbl9hqT0rK8DDzdbCvPw00N2JZ7wC0GY0LIpGFlU/TYBIhw3ifQrzFjj3mVt0 rgdG35jZecvtTrvQWTav1dxeNM1IGM+jPbaFLHSVM6TK7Jy/mNtiYnM8NjvXxMqHMW5x QVFY5KWvKPXnYYnYkc7kIummeFwNW3Xh6wwRkRNK8I7UkkSFhodkFuM4wxcvxgXRc6X2 O58FcrV+zUxB5w65nzbXNu7iJL5/co1fymdIKnctvkOOjRo7YFF3AeSOruMErqxySSD8 S9KuvJWUggoQ7O9FJc+//RTSn5P3L9AMU1Mt3Awj7Z83JS9LkNa0Lrwy55h5hUUuA+SR rIoA== MIME-Version: 1.0 X-Received: by 10.60.124.227 with SMTP id ml3mr3087988oeb.67.1396984160768; Tue, 08 Apr 2014 12:09:20 -0700 (PDT) Sender: ndorfman@gmail.com Received: by 10.60.158.106 with HTTP; Tue, 8 Apr 2014 12:09:20 -0700 (PDT) In-Reply-To: <20140408190227.8774EDD1@hub.freebsd.org> References: <20140408174210.GA5433@behemoth> <20140408195049.04129f2a@azsupport.com> <20140408190227.8774EDD1@hub.freebsd.org> Date: Tue, 8 Apr 2014 15:09:20 -0400 X-Google-Sender-Auth: UmafeyWKsHrvP5iak7OVYSfkd_g Message-ID: Subject: Re: FreeBSD's heartbleed response From: Nathan Dorfman To: Niklaus Schiess Content-Type: text/plain; charset=UTF-8 Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 19:09:21 -0000 Uh, an excuse for what exactly? You must be talking about installing 1.0.1 from the ports. That was fixed yesterday by updating the version in ports to 1.0.1g: http://svnweb.freebsd.org/ports?view=revision&revision=350548 -nd. On Tue, Apr 8, 2014 at 2:54 PM, Niklaus Schiess wrote: > Plenty of FreeBSD deployments use 1.0.1x due to the lack of TLS 1.2 > support in 0.9.x. So thats not an excuse. > > On 08.04.2014 19:50, Andrei wrote: >> On Tue, 8 Apr 2014 10:46:12 -0700 >> Mark Boolootian wrote: >> >>> While it may not be quite what you're looking for, ports contains >>> OpenSSL 1.0.1g. >> >> And also FreeBSD 8.x/9.x not affected because have 0.9.x OpenSSL in base. >> _______________________________________________ >> freebsd-security@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-security >> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >> > > -- > PGP FP: CB84 8C68 ADDB 6C50 7DF1 4227 F2A6 056A A799 76DA > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"