Date: Tue, 30 Jul 2002 18:56:12 +0200 From: =?iso-8859-1?Q?Geir_R=E5ness?= <pulz@pulz.no> To: <gabriel_ambuehl@buz.ch> Cc: <freebsd-security@freebsd.org> Subject: Re: Re[2]: About the openssl hole Message-ID: <002301c237ea$04b4d4f0$fa00a8c0@elixor> References: <004001c237cf$23c00560$fa00a8c0@elixor> <170112657687.20020730181657@buz.ch> <000d01c237e5$ceede1d0$fa00a8c0@elixor> <5113861671.20020730183701@buz.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
I talked with an freind of mine who tried this solution, and he told me = that it where only one patch that failed. If you remove the patch "patch-ah" the build will go fine. But as many know, the port of openssl will not completly replace the = core openssl. (You could see this if you build mod_ssl) So the best thing is to wait for en offical patch. Best Regards Geir R=E5ness ----- Original Message -----=20 From: "Gabriel Ambuehl" <gabriel_ambuehl@buz.ch> To: "Geir R=E5ness" <pulz@pulz.no> Cc: <freebsd-security@freebsd.org> Sent: Tuesday, July 30, 2002 6:37 PM Subject: Re[2]: About the openssl hole > -----BEGIN PGP SIGNED MESSAGE----- >=20 > Hello Geir, >=20 > Tuesday, July 30, 2002, 6:26:05 PM, you wrote: >=20 > > I cant do that, but you could easy edit the old port your self and > fix it that way. >=20 > Well I tried to do that... It's just that openssl.org is practically > down (you know what I mean...) and thus I was pretty much out of luck >=20 > > It's your own choice what to do, if you want to risk it do so. >=20 > I would have risked it (in any case, it's still better to kill SSL > services myself trying to defend from the blackhats than having the > blackhats destroying everything...) >=20 > > If not, wait for the freebsd team to make an patch for us. >=20 > That's more or less what I'm doing now. >=20 > > If you take a quick look at the current branch you will se that > > the openssl is changed to 0.9.6.e, but as we know, current branch > aint so stable. >=20 > I'll have another shot at current once the TrustedBSD stuff is in > cause I really want to have ACLs ASAP but running it in production is > entirely out of question right now. >=20 >=20 >=20 > Best regards, > Gabriel >=20 > -----BEGIN PGP SIGNATURE----- > Version: PGP 6.0.2i >=20 > iQEVAwUBPUayoMZa2WpymlDxAQHS2wf9GgUFkA3eI2rSJlKYynsnzisode50bYdW > TINnOJW/8mYYUBTiIXDLYZ6Xt+ZZhu+0LzlCQcu9XvgHnxsabDztUYAdGt/XCmde > BAUysjmfoRR9FlUEjK9brovds/LKiKODoBSmN2LUSnPDUm0V0ojJbezfQPiRIEmc > yHa4cKxWJoMq4gRNRTOCLr2rwVe78rbK1xw3ICe+Z0cDUzJX8VzZijKfzY39aZ9L > OPSMdLQ0cJf1ASsJRthNRqzHc299oVdNbRoFia1AR9p1fpaN2u/0qu/9GxQQtYKY > T4z17Enao5A8Htf2tJcWZ1/+AXkJ639/gsYUflfV7HgLruEKAwIYoA=3D=3D > =3DnLA8 > -----END PGP SIGNATURE----- >=20 >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002301c237ea$04b4d4f0$fa00a8c0>