Date: Thu, 10 Dec 2009 13:22:42 +0100 From: =?UTF-8?B?Qm9nZGFuIMSGdWxpYnJr?= <bc@default.rs> To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no> Cc: freebsd-security@freebsd.org, wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl Message-ID: <4B20E812.508@default.rs> In-Reply-To: <86my1rm4ic.fsf@ds4.des.no> References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Dag-Erling Smørgrav wrote: > Bogdan Ćulibrk <bc@default.rs> writes: >> This advisory kinda made big problem here in local (things stopped >> working). I had to do rollback this update because of "session >> renegotiation" breakage. > > That's the whole point, the patch disables session renegotiation because > it's fundamentally broken. > >> Is there some workaround to make things work along with this advisory? > > You didn't mention *what* stopped working. > >> Maybe switch to ports/security/openssl ? > > Won't make any difference. > > DES Hello, basically whole communication between two application relied on using exactly this "funcionality" in openssl.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B20E812.508>