Re: OpenSSL 0.9.8k -> 0.9.8l



On Sat, Apr 17, 2010 at 10:49 AM, Tim Gustafson <tjg@xxxxxxxxxxxx> wrote:
Hi,

I run a few web servers with need to be PCI compliant.  Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level.

I've csup'd to RELENG_8_0 and did a build/install cycle and OpenSSL is still at 0.9.8k.  Using RELENG_8 isn't really an option for me because the last I upgraded to that level, ipfw was broken and I'm not sure that the problem with ipfw has been fixed (Luigi tells me that it has, but I haven't had time to test it yet).

Is there any movement to patch RELENG_8_0 with OpenSSL 0.9.8l?  Or will I be stuck with 0.9.8k until I move to RELENG_8?

Tim Gustafson

This isn't an answer to your question, but you could always use
OpenSSL from the ports tree.

http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssl/

It's at version 1.0.0.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages

  • Re: OpenSSL 0.9.8k -> 0.9.8l
    ... I run a few web servers with need to be PCI compliant. ... Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level. ...
    (FreeBSD-Security)
  • OpenSSL 0.9.8k -> 0.9.8l
    ... I run a few web servers with need to be PCI compliant. ... Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level. ...
    (freebsd-questions)
  • OpenSSL 0.9.8k -> 0.9.8l
    ... I run a few web servers with need to be PCI compliant. ... Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level. ...
    (FreeBSD-Security)
  • Re: OpenSSL 0.9.8k -> 0.9.8l
    ... I run a few web servers with need to be PCI compliant. ... Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level. ...
    (freebsd-questions)
  • Re: HP-OpenSSL 1.4-471
    ... The OpenSSL APIs saw some incompatible changes from the upstream sources at V1.4 and are not upward-compatible. ... Which means the 1.4 upgrade can be a mildly disruptive upgrade, as you have to upgrade Apache and some other pieces that have dependencies on OpenSSL.) ... When the OpenSSL 1.0 APIs are ported and released, that'll likely entail another incompatible API change and related shuffle, AFAIK. ...
    (comp.os.vms)