Date: Tue, 08 Apr 2014 20:21:58 +0200 From: Christian Laursen <xi@borderworlds.dk> To: freebsd-security@freebsd.org Subject: Re: FreeBSD's heartbleed response Message-ID: <53443E46.1020902@borderworlds.dk> In-Reply-To: <20140408181745.F06A2C007AD@frontend1.nyi.mail.srv.osa> References: <20140408181745.F06A2C007AD@frontend1.nyi.mail.srv.osa>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04/08/14 20:17, Merijn Verstraaten wrote: > Unless I misunderstood earlier emails, the heartbeat extension os ALREADY disabled in base, therefore FreeBSD base isn't vulnerable and the only problem is people who installed a newer OpenSSL from ports. It would be nice, if so@ would send out such a statement to the security-announce list ahead of the actual advisory, so that fewer people will be panicing. -- Christian Laursen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53443E46.1020902>