Re: OpenSSL 0.9.8k -> 0.9.8l

From: Dag-Erling Smørgrav <des@xxxxxx>
Date: Wed, 21 Apr 2010 08:14:53 +0200

Tim Gustafson <tjg@xxxxxxxxxxxx> writes:

"Dag-Erling Smørgrav" <des@xxxxxx> writes:

RELENG_8_0 is 8.0 + critical bug fixes.

From what I gather, the exploits in 0.9.8k are pretty serious. :\

If you mean FreeBSD-SA-09:15.ssl, that's been fixed in 8.0, although the
OpenSSL version number was not changed. I assume that you have read the
handbook and are familiar with the concept of security advisories and
how to patch your system using freebsd-update(8), so I won't waste your
time with the details.

From what I gather, the exploits in 0.9.8k are pretty serious. :\

Heard you the first time.

DES
--
Dag-Erling Smørgrav - des@xxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

References:
- Re: OpenSSL 0.9.8k -> 0.9.8l
  - From: Tim Gustafson

Prev by Date: Re: OpenSSL 0.9.8k -> 0.9.8l
Next by Date: Re: OpenSSL 0.9.8k -> 0.9.8l
Previous by thread: Re: OpenSSL 0.9.8k -> 0.9.8l
Index(es):
- Date
- Thread

Relevant Pages

Re: sendmail 8.14.2 available
... First time in 5 years sendmail failed to build on the first try. ... (symbol belongs to implicit dependency /usr/lib/libdl.so.1) ... Well, in fact, that's true that it was odd enough but only because it demonstrates what happens when you get interrupted and don't get back to a job. ... That version of openssl was never completely installed and I'd forgotten about it. ...
(comp.mail.sendmail)
Re: OpenSSL 0.9.8k -> 0.9.8l
... Tim Gustafson writes: ... there's a problem with OpenSSL 0.9.8k that requires us to upgrade to ... 0.9.8l for us to maintain our compliance level. ...
(FreeBSD-Security)