Date: Wed, 30 Apr 2014 21:48:20 +0200 From: Michael Grimm <trashcan@odo.in-berlin.de> To: freebsd-security@freebsd.org Cc: "freebsd-ports@freebsd.org" <freebsd-ports@freebsd.org> Subject: Re: ports requiring OpenSSL not honouring OpenSSL from ports Message-ID: <445CDD31-5A11-4F5E-92DE-CB11A10E9BDE@odo.in-berlin.de> In-Reply-To: <201404272250.s3RMo2NZ095771@catnip.dyslexicfish.net> References: <201404271508.s3RF8sMA014085@catnip.dyslexicfish.net> <CACdU%2Bf_Wo6VDcJkn6tmF8MTU49=rnJM7SB6XxofGZVdukSarHA@mail.gmail.com> <201404272250.s3RMo2NZ095771@catnip.dyslexicfish.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[CC'd to freebsd-ports] On 28.04.2014, at 00:50, Jamie Landeg-Jones <jamie@dyslexicfish.net> = wrote: > Scot Hetzel <swhetzel@gmail.com> wrote: > Here's a list of some that link against /lib/libcrypto.so.7 and/or > /lib/libssl.so.7 [...] > devel/android-tools-adb > net-p2p/transmission-cli > net-p2p/transmission-daemon > net/socat > net/svnup > ports-mgmt/pkg > security/john > security/scrypt > security/trousers > sysutils/tarsnap + www/nginx It took me some time to realize that nginx continued to be vulnerable = (heartbleed) even after: 1) creating upgraded poudriere jail (svn,stable10) 2) rebuilding all installed ports in that jail by poudriere 3) reinstalling all ports 4) rebuilding world and kernel (svn, stable10) 5) rebooting Well, I should have started with 4) instead. Now I know ;-)=20 Regards, Michael
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?445CDD31-5A11-4F5E-92DE-CB11A10E9BDE>