FreeBSD OpenSSL and CVE-2010-0742



Hey,

Just FYI for anybody who might need it. FreeBSD isn't affected by the
latest OpenSSL security issues.

The issue with the name CVE-2010-1633 isn't relevant as FreeBSD does
not yet have OpenSSL 1.0 imported.

For CVE-2010-0742 the affected 'CMS' module is not enabled in FreeBSD.

References:

http://www.openssl.org/news/secadv_20100601.txt
http://svn.freebsd.org/viewvc/base/stable/8/secure/lib/libcrypto/Makefile?annotate=196045#l329

--
Simon L. Nielsen
Hat: OpenSSL maintainer

Attachment: pgpm11Iv4G6eL.pgp
Description: PGP signature



Relevant Pages

  • RE: FreeBSD Security Advisory FreeBSD-SA-06:23.openssl
    ... The description of CVE-2006-3738 in the advisory from openssl.org ... Subject: FreeBSD Security Advisory FreeBSD-SA-06:23.openssl ... FreeBSD includes software from the OpenSSL Project. ... Applications which perform public key operations using untrusted keys may be ...
    (FreeBSD-Security)
  • FreeBSD Security Advisory FreeBSD-SA-01:51.openssl
    ... FreeBSD includes software from the OpenSSL Project. ... A flaw in the pseudo-random number generator (PRNG) of OpenSSL ... An experimental upgrade package is available for users who wish to ...
    (FreeBSD-Security)
  • FreeBSD Security Advisory FreeBSD-SA-12:01.openssl
    ... For general information regarding FreeBSD Security Advisories, ... FreeBSD includes software from the OpenSSL Project. ... OpenSSL support for handshake restarts for server gated cryptography ... The patch provided with the initial version of this advisory introduced ...
    (Bugtraq)
  • [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-12:01.openssl
    ... For general information regarding FreeBSD Security Advisories, ... FreeBSD includes software from the OpenSSL Project. ... OpenSSL support for handshake restarts for server gated cryptography ... The patch provided with the initial version of this advisory introduced ...
    (freebsd-announce)
  • FreeBSD Security Advisory FreeBSD-SA-12:01.openssl
    ... For general information regarding FreeBSD Security Advisories, ... FreeBSD includes software from the OpenSSL Project. ... OpenSSL support for handshake restarts for server gated cryptography ... The patch provided with the initial version of this advisory introduced ...
    (FreeBSD-Security)