Date: Tue, 08 Apr 2014 08:44:17 -0400 From: staticsafe <me@staticsafe.ca> To: =?ISO-8859-1?Q?Matheus_Weber_da_Concei=E7=E3o?= <matheuswcon@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: OpenSSL TLS Heartbeat Security Issue Message-ID: <5343EF21.4090702@staticsafe.ca> In-Reply-To: <CACxFWOfq=9Zedgp-jQFPLSQE0fdnkLZQ=6F4GNi37PB38yTYqg@mail.gmail.com> References: <20140408134425.Horde.azH0NUU2X8TUmV9kVtS2MA2@d2ux.org> <5343E28E.3070905@staticsafe.ca> <CACxFWOfq=9Zedgp-jQFPLSQE0fdnkLZQ=6F4GNi37PB38yTYqg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/8/2014 08:29, Matheus Weber da Conceição wrote: > # uname -a && openssl version > FreeBSD labxyz 10.0-RELEASE FreeBSD 10.0-RELEASE #0 r264140: Mon Apr 7 > 11:21:50 BRT 2014 root@labxyz:/usr/obj/usr/src/sys/LABXYZ amd64 > OpenSSL 1.0.1e-freebsd 11 Feb 2013 > > Looks like a vulnerable OpenSSL, or the freebsd version was compiled > without heartbleed support? > Yep, vulnerable version. OpenSSL is built with heartbeat by default. -- staticsafe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5343EF21.4090702>