Date: Mon, 22 Mar 2021 13:36:02 +0000 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Subject: Re: [matt@openssl.org: Forthcoming OpenSSL release] Message-ID: <35d8065d-d2ac-4ef9-a89a-3aa28fdcdcf0@FreeBSD.org> In-Reply-To: <YFiKE%2BxgO8qWYqJI@doctor.nl2k.ab.ca> References: <YFiKE%2BxgO8qWYqJI@doctor.nl2k.ab.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On 22/03/2021 12:14, The Doctor via freebsd-questions wrote: > ----- Forwarded message from Matt Caswell <matt@openssl.org> ----- > > Date: Mon, 22 Mar 2021 09:18:12 +0000 > From: Matt Caswell <matt@openssl.org> > To: "openssl-project@openssl.org" <openssl-project@openssl.org>, > openssl-announce@openssl.org, "openssl-users@openssl.org" > <openssl-users@openssl.org> > Subject: Forthcoming OpenSSL release > User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 > Thunderbird/78.7.1 > > The OpenSSL project team would like to announce the forthcoming > release of OpenSSL version 1.1.1k. > > This release will be made available on Thursday 25th March 2021 > between 1300-1700 UTC. > > OpenSSL 1.1.1k is a security-fix release. The highest severity issue > fixed in this release is HIGH: > https://www.openssl.org/policies/secpolicy.html#high > > Yours > > The OpenSSL Project Team > > ----- End forwarded message ----- > > Just got this. > > Does this means FReeBSD 11,12,13 and 14 are affected? > Very likely. The FreeBSD security team will have seen the same announcement from OpenSSL, quite possibly somewhat earlier than you did (under embargo though: not publicizing open security holes before everyone has had a chance to fix them is quite important) and given they agree that this is a high severity issue, will have been working up system patches and advisories for release at around the same time. Typically there will be a more-or-less coordinated release of OS security advisories and patches across all affected operating systems and distributions. So, expect to be applying some patches later this week, whatever OS you're running. Cheers, Matthew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35d8065d-d2ac-4ef9-a89a-3aa28fdcdcf0>