From owner-freebsd-questions@FreeBSD.ORG Fri Nov 19 20:56:34 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 33966106566B for ; Fri, 19 Nov 2010 20:56:34 +0000 (UTC) (envelope-from bonomi@mail.r-bonomi.com) Received: from mail.r-bonomi.com (ns2.r-bonomi.com [204.87.227.129]) by mx1.freebsd.org (Postfix) with ESMTP id ABABC8FC08 for ; Fri, 19 Nov 2010 20:56:32 +0000 (UTC) Received: (from bonomi@localhost) by mail.r-bonomi.com (8.14.3/rdb1) id oAJKsOPk011590; Fri, 19 Nov 2010 14:54:24 -0600 (CST) Date: Fri, 19 Nov 2010 14:54:24 -0600 (CST) From: Robert Bonomi Message-ID: <201011192054.oAJKsOPk011590@mail.r-bonomi.com> To: freebsd-questions@freebsd.org, nr1c0re@gmail.com Cc: Subject: Re: openssl version - how to verify X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Nov 2010 20:56:34 -0000 > From owner-freebsd-questions@freebsd.org Mon Nov 15 09:38:53 2010 > Date: Mon, 15 Nov 2010 18:40:27 +0300 > From: c0re > To: FreeBSD > Subject: Re: openssl version - how to verify > > 2010/11/15 Jerry : > There are still too many broken ports with openssl from ports, I do > not like debug it and really like to use base openssl, almost no > difference. > But I just want to have some proves that base system openssl has > security patches because 7.3-RELEASE base openssl is 0.9.8e, but > 0.9.8e has got security vulnerabilities. But how can I be sure that > freebsd base system with 0.9.8e version does not have any > vulnerabilities? _authoritative_ answer: You _cannot_. Statement rationale: "The number of discovered bugs in any system is a finite number. The number of _UNDISCOVERED_ bugs, on the other hand, is an infinite one. By definition."