From owner-svn-src-all@FreeBSD.ORG  Wed Apr  9 14:01:29 2014
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 38B619CC;
 Wed,  9 Apr 2014 14:01:29 +0000 (UTC)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id E9B4F1B4F;
 Wed,  9 Apr 2014 14:01:28 +0000 (UTC)
Received: from nine.des.no (smtp.des.no [194.63.250.102])
 by smtp-int.des.no (Postfix) with ESMTP id 0E2F2630A;
 Wed,  9 Apr 2014 14:01:28 +0000 (UTC)
Received: by nine.des.no (Postfix, from userid 1001)
 id 45A00226; Wed,  9 Apr 2014 16:01:28 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Bryan Drewery <bdrewery@FreeBSD.org>
Subject: Re: svn commit: r264265 - in head: crypto/openssl/crypto/bn
 crypto/openssl/crypto/ec crypto/openssl/ssl sys/fs/nfsserver
References: <201404081827.s38IRXiL048987@svn.freebsd.org>
 <e25208600d1ed778a20d6ac8596c658a@shatow.net>
Date: Wed, 09 Apr 2014 16:01:28 +0200
In-Reply-To: <e25208600d1ed778a20d6ac8596c658a@shatow.net> (Bryan Drewery's
 message of "Tue, 08 Apr 2014 15:55:18 -0500")
Message-ID: <86bnwa7gav.fsf@nine.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org,
 src-committers@freebsd.org, Xin LI <delphij@freebsd.org>, secteam@FreeBSD.org
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Apr 2014 14:01:29 -0000

Bryan Drewery <bdrewery@FreeBSD.org> writes:
> Also, that this was a partial release of 1.0.1g is confusing a LOT of
> users. They think they are still vulnerable. They expect to see 1.0.1g
> in 'openssl version'. We could have our own version string in 'openssl
> version' to remedy this.

This is no different from what other OSes do, e.g. RHEL6.5:

% cat /etc/redhat-release=20
Red Hat Enterprise Linux Workstation release 6.5 (Santiago)
% openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
% TZ=3DUTC rpm -qi openssl
Name        : openssl                      Relocations: (not relocatable)
Version     : 1.0.1e                            Vendor: Red Hat, Inc.
Release     : 16.el6_5.7                    Build Date: Mon 07 Apr 2014 11:=
34:45 AM UTC
Install Date: Tue 08 Apr 2014 05:18:52 AM UTC      Build Host: x86-027.buil=
d.eng.bos.redhat.com
[...]

which despite the version number and date is *not* vulnerable.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no