Re: OpenSSL 0.9.8k -> 0.9.8l



Tim Gustafson <tjg@xxxxxxxxxxxx> writes:
"Dag-Erling Smørgrav" <des@xxxxxx> writes:
RELENG_8_0 is 8.0 + critical bug fixes.
From what I gather, the exploits in 0.9.8k are pretty serious. :\

If you mean FreeBSD-SA-09:15.ssl, that's been fixed in 8.0, although the
OpenSSL version number was not changed. I assume that you have read the
handbook and are familiar with the concept of security advisories and
how to patch your system using freebsd-update(8), so I won't waste your
time with the details.

From what I gather, the exploits in 0.9.8k are pretty serious. :\

Heard you the first time.

DES
--
Dag-Erling Smørgrav - des@xxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages

  • Re: sendmail 8.14.2 available
    ... First time in 5 years sendmail failed to build on the first try. ... (symbol belongs to implicit dependency /usr/lib/libdl.so.1) ... Well, in fact, that's true that it was odd enough but only because it demonstrates what happens when you get interrupted and don't get back to a job. ... That version of openssl was never completely installed and I'd forgotten about it. ...
    (comp.mail.sendmail)
  • Re: OpenSSL 0.9.8k -> 0.9.8l
    ... Tim Gustafson writes: ... there's a problem with OpenSSL 0.9.8k that requires us to upgrade to ... 0.9.8l for us to maintain our compliance level. ...
    (FreeBSD-Security)