From owner-freebsd-security@FreeBSD.ORG Sun Jun 14 02:29:30 2015 Return-Path: Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 371ED270 for ; Sun, 14 Jun 2015 02:29:30 +0000 (UTC) (envelope-from rollingbits@gmail.com) Received: from mail-yh0-x22f.google.com (mail-yh0-x22f.google.com [IPv6:2607:f8b0:4002:c01::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DF71FAE6 for ; Sun, 14 Jun 2015 02:29:29 +0000 (UTC) (envelope-from rollingbits@gmail.com) Received: by yhak3 with SMTP id k3so25819197yha.2 for ; Sat, 13 Jun 2015 19:29:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:to:subject:mail-followup-to:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=uJp+p/D6BLOHvZJsBCzBKz4eHIjRzrpVhd66q1/naqc=; b=xaHKJbAZ9Ru+jkzZ3f1eJMsisOJi83l8GsU4nXYrcmngme6n6uSCPxyoejrCL0RJ1g Vz+uwfnHH/YZpb3bOB9PHkqIVLVP/SbzSUvsdXcBwT/GKRVnsD8fxkkFXY1S0ibNhzZ4 TPECn53YlW0LhAzLvZ5aA2LcJadG9Q5bT+NT9VpHVYSKhlrFPQ1DBCNVYtQ/T3Hd30Ro Pcax2tdRIJfkDG42KrEP05lszje71lPp3zXxmKLpfsi2aKPlJGd1ZbfWpBAMNdqkoaXr 2n4PMKXveFZkNyW/ddpPROUIZR2RMA++WPESZ7bK4BJXIyYlJzZBb0cXb92WlUW9rasI RfYw== X-Received: by 10.13.247.3 with SMTP id h3mr27515464ywf.154.1434248969072; Sat, 13 Jun 2015 19:29:29 -0700 (PDT) Received: from clonix.invalid. ([179.159.24.45]) by mx.google.com with ESMTPSA id y21sm3589753yhy.0.2015.06.13.19.29.27 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Sat, 13 Jun 2015 19:29:28 -0700 (PDT) Message-ID: <557ce708.2119ec0a.12bc.7872@mx.google.com> X-Google-Original-Message-ID: <20150614022836.GA1433@clonix.invalid.> Received: from clonix.invalid. (localhost [127.0.0.1]) by clonix.invalid. (8.14.9/8.14.9) with ESMTP id t5E2TOLx002386 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 13 Jun 2015 23:29:24 -0300 (BRT) (envelope-from rollingbits@clonix.invalid) Received: (from rollingbits@localhost) by clonix.invalid. (8.14.9/8.14.9/Submit) id t5E2TM7b002385 for freebsd-security@freebsd.org; Sat, 13 Jun 2015 23:29:22 -0300 (BRT) (envelope-from rollingbits) Date: Sat, 13 Jun 2015 23:28:36 -0300 From: "rollingbits (Lucas)" To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:10.openssl Mail-Followup-To: freebsd-security@freebsd.org References: <201506120743.t5C7hUdu035884@freefall.freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ibTvN161/egqYuK8" Content-Disposition: inline In-Reply-To: <201506120743.t5C7hUdu035884@freefall.freebsd.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jun 2015 02:29:30 -0000 --ibTvN161/egqYuK8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories wrote: > 1) Upgrade your vulnerable system to a supported FreeBSD stable or > release / security branch (releng) dated after the correction date. Do I need rebuild my packages too? --=20 rollingbits -- rollingbits@gmail.com, rollingbits@terra.com.br lucasnm@ig.com.br, rollingbits@yahoo.com, rollingbits@globo.com Get my public GPG key in http://rollingbits.tripod.com/mykey.html --ibTvN161/egqYuK8 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlV85s8ACgkQH56BwuUGQbWgSQCfU9naXyKg0bnE7asQm6qW8ST6 QJ0AoLPItomVTSv7BXxG9Y4br4nnUz/i =wIk9 -----END PGP SIGNATURE----- --ibTvN161/egqYuK8-- From owner-freebsd-security@FreeBSD.ORG Sun Jun 14 14:35:40 2015 Return-Path: Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 10150556 for ; Sun, 14 Jun 2015 14:35:40 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A768D7C9 for ; Sun, 14 Jun 2015 14:35:39 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from liminal.local ([199.119.128.114]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.15.1/8.15.1) with ESMTPSA id t5EEZVxw057057 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sun, 14 Jun 2015 15:35:33 +0100 (BST) (envelope-from matthew@FreeBSD.org) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org DKIM-Filter: OpenDKIM Filter v2.9.2 smtp.infracaninophile.co.uk t5EEZVxw057057 Authentication-Results: smtp.infracaninophile.co.uk/t5EEZVxw057057; dkim=none reason="no signature"; dkim-adsp=none; dkim-atps=neutral X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host [199.119.128.114] claimed to be liminal.local Message-ID: <557D911C.8060101@FreeBSD.org> Date: Sun, 14 Jun 2015 10:35:08 -0400 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:10.openssl References: <201506120743.t5C7hUdu035884@freefall.freebsd.org> <557ce708.2119ec0a.12bc.7872@mx.google.com> In-Reply-To: <557ce708.2119ec0a.12bc.7872@mx.google.com> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="m34R7us1Njelx4bRBJPNUuu1Dwfbw68Dx" X-Virus-Scanned: clamav-milter 0.98.7 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-3.0 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on lucid-nonsense.infracaninophile.co.uk X-Mailman-Approved-At: Sun, 14 Jun 2015 14:56:30 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jun 2015 14:35:40 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --m34R7us1Njelx4bRBJPNUuu1Dwfbw68Dx Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 13/06/2015 22:28, rollingbits (Lucas) wrote: > On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories w= rote: >> 1) Upgrade your vulnerable system to a supported FreeBSD stable or >> release / security branch (releng) dated after the correction date. >=20 > Do I need rebuild my packages too? You need to rebuild and re-install the ports version of OpenSSL, if you're using it. You need to rebuild and re-install anything that is statically linked against OpenSSL libraries (either ports or base). This is trickier than it sounds, because you need to either look at the source code / Makefiles for the software, or use nm(1), objdump(1) or similar to check for symbols from OpenSSL libraries in your statically linked binaries. Fortunately, static linking against OpenSSL is a pretty unusual thing to = do. Having done the above, you need to restart anything that loads OpenSSL shared libraries. That tends to be most network-aware software, so in many cases it might be easier to just reboot. Cheers, Matthew --m34R7us1Njelx4bRBJPNUuu1Dwfbw68Dx Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iQJ8BAEBCgBmBQJVfZEjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATKd4QAJfjYyMBH+td3I+SIJCzQjQY 8eUZZ2b6mqwyjTkPXDs+qZFgWrctg05XY8TKGVJDx/crOdZmDyQL37875QKb7Ge2 M3z/ZW49qHwGYnQmFj6yfpQRuPGyP2kKW/lHb8vu85ijs2zoDuGGebVIzBfyfJVR nevuG3zqZC28KPwAMXkTA7pLnI41wW2qeK8fDgwSUyM/SDbdfwaQISAwMucdfNh5 7GEmmpslz33EUStAvSlbN8vUJSzyYKOUqidk+oIKLtBKPM2rE+llS3LNH9iIZR2p bfchvqfjRnZfRqqJRAzUC5A2LElOe4dI6yE/hoFu/+uk27OmmSI3VNwIF20s6KDU o7x2xwPoThoxNKMAKxxxW/Tfz/wVMHEoASLajtRylJSgLqJ/96JyPXwARAxMz4gM z/2/MVgPesVlpTbEagoxKYaZ5ThtC7ncOaIKCuKiPZzIJIV5/YFHA9neEp7HcKuL gKLolYY0LrHIL+uPKdsWIiV/zYwSdlaKCGxzx92InU2i9VJQSQTzmAR3wOasDLBg tIgtDKJ+aba7PRmX6szTulZI6e1/Ln36xutH8Cg+U2U4zcF2g2PT7qZqyaJ8JRPy KIv1hIdqsshT8lUEOLIjNr53q/jecOr60mx2T8O/PcLsjziHgqjEZu7/Dee/qO4d gTnU9ukf5ri14FRaJv3R =Ixx+ -----END PGP SIGNATURE----- --m34R7us1Njelx4bRBJPNUuu1Dwfbw68Dx-- From owner-freebsd-security@FreeBSD.ORG Sun Jun 14 23:36:36 2015 Return-Path: Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0801B00 for ; Sun, 14 Jun 2015 23:36:36 +0000 (UTC) (envelope-from rollingbits@gmail.com) Received: from mail-yk0-x230.google.com (mail-yk0-x230.google.com [IPv6:2607:f8b0:4002:c07::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 63F02231 for ; Sun, 14 Jun 2015 23:36:36 +0000 (UTC) (envelope-from rollingbits@gmail.com) Received: by ykar6 with SMTP id r6so17800541yka.2 for ; Sun, 14 Jun 2015 16:36:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:to:subject:mail-followup-to:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=FleD0YnpZAiGzUGrXj+IjCm2w49JH8keAgl3TPlAId0=; b=AlBXgsZbhr/YYeeqO1u9q4gbTDfDL0IUwvUsZFPRRALNEyH9WpowD10Do6SJtd0Dih mkSk4aIo8qj5uKflwiC0bkLjYgbH5k0Fai6PkxtpuD15KhioHChXypCb8PBEshGsns4S 7Yzp0vLhNb6IsyPnynmu6uMOBclB45j4Dc0yC7ED7VSGlZ2RyqtaF+3cGdEskaMMz1lM R8FmMIHEJ5w3JIjg8tVQKhBCVc2mjtSAM6ka2YEVgQ3PqBJgEpx+aUW3iRTyvQRu89XC B3amexiJnr292pj1TTD9UM16lBccpuG3PVwfl90JFDjXK0b3gDc2Dcd4qMnXPXdjvcH6 rpsQ== X-Received: by 10.129.130.196 with SMTP id s187mr30530401ywf.150.1434324995517; Sun, 14 Jun 2015 16:36:35 -0700 (PDT) Received: from clonix.invalid. ([201.82.172.224]) by mx.google.com with ESMTPSA id w6sm4790985ywf.31.2015.06.14.16.36.34 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Sun, 14 Jun 2015 16:36:34 -0700 (PDT) Message-ID: <557e1002.0686810a.1490.6642@mx.google.com> X-Google-Original-Message-ID: <20150614233630.GA1333@clonix.invalid.> Received: from clonix.invalid. (localhost [127.0.0.1]) by clonix.invalid. (8.14.9/8.14.9) with ESMTP id t5ENaVB0001551 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 14 Jun 2015 20:36:31 -0300 (BRT) (envelope-from rollingbits@clonix.invalid) Received: (from rollingbits@localhost) by clonix.invalid. (8.14.9/8.14.9/Submit) id t5ENaVnJ001550 for freebsd-security@freebsd.org; Sun, 14 Jun 2015 20:36:31 -0300 (BRT) (envelope-from rollingbits) Date: Sun, 14 Jun 2015 20:36:31 -0300 From: "rollingbits (Lucas)" To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:10.openssl Mail-Followup-To: freebsd-security@freebsd.org References: <201506120743.t5C7hUdu035884@freefall.freebsd.org> <557ce708.2119ec0a.12bc.7872@mx.google.com> <557D911C.8060101@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VbJkn9YxBvnuCH5J" Content-Disposition: inline In-Reply-To: <557D911C.8060101@FreeBSD.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jun 2015 23:36:36 -0000 --VbJkn9YxBvnuCH5J Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jun 14, 2015 at 10:35:08AM -0400, Matthew Seaman wrote: > On 13/06/2015 22:28, rollingbits (Lucas) wrote: > > On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories w= rote: > >> 1) Upgrade your vulnerable system to a supported FreeBSD stable > >> or release / security branch (releng) dated after the correction > >> date. > >=20 > > Do I need rebuild my packages too? >=20 > You need to rebuild and re-install the ports version of OpenSSL, if > you're using it. >=20 > You need to rebuild and re-install anything that is statically > linked against OpenSSL libraries (either ports or base). This is > trickier than it sounds, because you need to either look at the > source code / Makefiles for the software, or use nm(1), objdump(1) > or similar to check for symbols from OpenSSL libraries in your > statically linked binaries. Fortunately, static linking against > OpenSSL is a pretty unusual thing to do. >=20 > Having done the above, you need to restart anything that loads > OpenSSL shared libraries. That tends to be most network-aware > software, so in many cases it might be easier to just reboot. Ok, thank you. --=20 rollingbits -- rollingbits@gmail.com, rollingbits@terra.com.br lucasnm@ig.com.br, rollingbits@yahoo.com, rollingbits@globo.com Get my public GPG key in http://rollingbits.tripod.com/mykey.html --VbJkn9YxBvnuCH5J Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlV+D/EACgkQH56BwuUGQbVwegCgpTt4Y8yHIUpAEHRTDYs0+pUl eYgAoN/1YkFHCE+BIasEWGqRS2CvjI0k =zAIh -----END PGP SIGNATURE----- --VbJkn9YxBvnuCH5J-- From owner-freebsd-security@FreeBSD.ORG Thu Jun 18 16:10:17 2015 Return-Path: Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5EE2125 for ; Thu, 18 Jun 2015 16:10:17 +0000 (UTC) (envelope-from pkubaj@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 96A79C97 for ; Thu, 18 Jun 2015 16:10:17 +0000 (UTC) (envelope-from pkubaj@riseup.net) Received: from plantcutter.riseup.net (plantcutter-pn.riseup.net [10.0.1.121]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.riseup.net (Postfix) with ESMTPS id 1F72C41EBF for ; Thu, 18 Jun 2015 16:02:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1434643360; bh=3y2zrQQK9lYEWnAwDKK1IxAf7J1o75W6SiGfbsyER6U=; h=Date:From:To:Subject:From; b=jSLE+klIwNgdAJz0QEKIdStHJskBdIl3OtSJQT8vS+HKpLXxx3TXj196CZM2hQ6nV HyB6ztPG2qci9jAvLe3Ou3oI7lu3GsllEpwHHlLwmkiHNUt2g3dYNXC329ThAnQne7 H3jBujsOLHdYeoiBChGvEh3NBetXIZ0CrDDFKaUw= Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: pkubaj) with ESMTPSA id 17A7F23741 Message-ID: <5582EB98.2020502@riseup.net> Date: Thu, 18 Jun 2015 18:02:32 +0200 From: Piotr Kubaj User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: LibreSSL in base? Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vgwwcuaqhv2uVeEKqfg033wLOBkfDLF7B" X-Virus-Scanned: clamav-milter 0.98.7 at mx1 X-Virus-Status: Clean X-Mailman-Approved-At: Thu, 18 Jun 2015 16:53:52 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2015 16:10:17 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --vgwwcuaqhv2uVeEKqfg033wLOBkfDLF7B Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Are there any plans to use LibreSSL in base (at least as an experimental feature, available when compiling with e.g. WITH_LIBRESSL in src.conf)? If not, is 11.0-RELEASE going to have OpenSSL 1.0.2? --vgwwcuaqhv2uVeEKqfg033wLOBkfDLF7B Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVguuZAAoJEC9nKukRsfY+LoEP/2WMcTdQgy8JqaBY6fzmv3jJ 5+XL54E82LEDjvrukXas+78+O0U6Zg/CH4qTPK8BPhLbVL4v52BBQ5ZDEQzXvm2I 3ig/O1DIGq1APDkC8kzAGccMQRbIsLrcYZAwPYNge3Kt40ULtXrNMOUI7YFAMpag gcTNGdfxngkNBr/A+6KpBfdyZxkEXBsiMxRW0zP5LstbxVI2KZhjImzmT7WrdRwS dH6ovOmpDg/YU2KtuV8rz6pny5YapNGOegFTGWC2U3p7oQ9fUTKFToiGXOnDTIjc T+OEFG6CBniuHUaQ9f/GLe9potPGr7fdsE0gPUl16cy79M4YHpWdrvgZWnqxGRtY x1W0ubHJTxdymTZGS3S9bLtclEsiLAg1EwQxUKciP5V5EriNIvML0DFqnKx7dpbh avqM5LQLcM+PfTsT7M+mjmLt7joO+hl7vShokXHPpfmyI9Y8y0JPMECUmsmA+CpF 9X+rz8h2a/VqSQUz/3EX5pcLItA7LLVnaqBsMfAfD+3KqteYr6dddQV6006lVjB9 niA6LHLjEvQuSvDxULcSWXCBEEdoGQE1b5WYGpGRtGnWIogwjSun8/uUJ5vDIGQT 6lwWy+CG8MfZ1q03YGxQG3LL75HstMgOqVuhjy3To/JP1W4aEQTyS43CnwKmkObm Ls/7BcdM2WpTvD2YD7z1 =tXsr -----END PGP SIGNATURE----- --vgwwcuaqhv2uVeEKqfg033wLOBkfDLF7B-- From owner-freebsd-security@FreeBSD.ORG Sat Jun 20 14:28:12 2015 Return-Path: Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E3C184F1 for ; Sat, 20 Jun 2015 14:28:12 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A2709ACC for ; Sat, 20 Jun 2015 14:28:12 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (50-196-156-133-static.hfc.comcastbusiness.net [50.196.156.133]) (authenticated bits=0) by vps1.elischer.org (8.14.9/8.14.9) with ESMTP id t5KES63Z015027 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Sat, 20 Jun 2015 07:28:09 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <55857871.2000708@freebsd.org> Date: Sat, 20 Jun 2015 22:28:01 +0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Piotr Kubaj , freebsd-security@freebsd.org Subject: Re: LibreSSL in base? References: <5582EB98.2020502@riseup.net> In-Reply-To: <5582EB98.2020502@riseup.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Jun 2015 14:28:13 -0000 On 6/19/15 12:02 AM, Piotr Kubaj wrote: > Are there any plans to use LibreSSL in base (at least as an experimental > feature, available when compiling with e.g. WITH_LIBRESSL in src.conf)? > If not, is 11.0-RELEASE going to have OpenSSL 1.0.2? > none that I know of. Our current zebra is black with white stripes.. that one is white with black stripes.