From: Michael Grimm
Date: Wed, 30 Apr 2014 21:48:20 +0200
Subject: Re: ports requiring OpenSSL not honouring OpenSSL from ports
To: freebsd-security@freebsd.org
Cc: "freebsd-ports@freebsd.org"
Message-Id: <445CDD31-5A11-4F5E-92DE-CB11A10E9BDE@odo.in-berlin.de>
In-Reply-To: <201404272250.s3RMo2NZ095771@catnip.dyslexicfish.net>
References: <201404271508.s3RF8sMA014085@catnip.dyslexicfish.net> <201404272250.s3RMo2NZ095771@catnip.dyslexicfish.net>

[CC'd to freebsd-ports]

On 28.04.2014, at 00:50, Jamie Landeg-Jones wrote:
> Scot Hetzel wrote:

> Here's a list of some that link against /lib/libcrypto.so.7 and/or
> /lib/libssl.so.7

[...]

> devel/android-tools-adb
> net-p2p/transmission-cli
> net-p2p/transmission-daemon
> net/socat
> net/svnup
> ports-mgmt/pkg
> security/john
> security/scrypt
> security/trousers
> sysutils/tarsnap

+ www/nginx

It took me some time to realize that nginx continued to be vulnerable
(heartbleed) even after:

1) creating upgraded poudriere jail (svn,stable10)
2) rebuilding all installed ports in that jail by poudriere
3) reinstalling all ports
4) rebuilding world and kernel (svn, stable10)
5) rebooting

Well, I should have started with 4) instead. Now I know ;-)

Regards,
Michael
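
Added example, not part of the original message: a shell check for the situation described above. It reads `ldd` output and reports whether each binary's libssl/libcrypto resolves to the base system or to ports. It assumes base libraries live under /lib or /usr/lib and ports libraries under /usr/local/lib; the sample `ldd` output, the library version numbers and the `example-tool` binary are constructed for illustration.

```shell
#!/bin/sh
# Classify where libssl/libcrypto resolve, reading `ldd` output on stdin.
#   base  = /lib or /usr/lib   (fixed only by updating world)
#   ports = /usr/local/lib     (fixed by updating the OpenSSL port)
# Output: one line per match: <binary> <library> <origin> <resolved path>
classify_ssl_linkage() {
    awk '
        # Header line such as "/usr/local/sbin/nginx:" names the binary.
        /^\/.*:$/ { bin = $0; sub(/:$/, "", bin); next }
        # Dependency line: "libssl.so.7 => /usr/lib/libssl.so.7 (0x...)".
        $2 == "=>" && $1 ~ /^lib(ssl|crypto)\.so/ {
            origin = "other"
            if ($3 ~ /^\/(usr\/)?lib\//) origin = "base"
            else if ($3 ~ /^\/usr\/local\/lib\//) origin = "ports"
            print bin, $1, origin, $3
        }
    '
}

# Binaries whose OpenSSL comes from base: rebuilding ports alone will not
# change the library they load.
needs_world_rebuild() {
    classify_ssl_linkage | awk '$3 == "base" { print $1 }' | sort -u
}

# Constructed sample in the shape of `ldd` output (not captured from a host).
sample_ldd_output() {
    cat <<'EOF'
/usr/local/sbin/nginx:
    libcrypt.so.5 => /lib/libcrypt.so.5 (0x800899000)
    libssl.so.7 => /usr/lib/libssl.so.7 (0x800d1b000)
    libcrypto.so.7 => /lib/libcrypto.so.7 (0x800f86000)
    libc.so.7 => /lib/libc.so.7 (0x801590000)
/usr/local/bin/example-tool:
    libssl.so.8 => /usr/local/lib/libssl.so.8 (0x800a00000)
    libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x800c00000)
    libc.so.7 => /lib/libc.so.7 (0x801590000)
EOF
}

# Demo on the constructed sample; on a real host, pipe ldd output instead:
#   ldd /usr/local/sbin/nginx | classify_ssl_linkage
sample_ldd_output | classify_ssl_linkage
```

Running the same check after each rebuild step shows whether the library path a binary resolves to has actually changed.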