Re: OpenSSL and Heimdal

Board: FB_security, posted 2012/05/03 02:01
Robert Simmons wrote:
> Is there a plan to update OpenSSL to patch for CVE-2012-2131?
>
> Also, is the DOS vulnerability in libkrb5 that Heimdal 1.5.2 patches
> present in Heimdal 1.1 which shipped with 9.0-RELEASE?

I'll second this one.

1. Are there any plans on updating openssl, and why not? It's getting a bad hype nowadays. And will we ever support TLS v1.[12]? BEAST attack seems to be not so far from most of us:
   https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls

2. What's with CVE-2011-1945? I've been waiting for months for just a tiny comment on this one, as if this truly is not fixed in our source, all 9.0 installations with world-open ssh are potentially vulnerable.

3. DragonFly is much faster than we are, they have 1.0.1b on master branch, while we have 1.0.1a in ports. They also already removed heimdal from base and pkgsrc has 1.5.2 available with our 1.4 present in ports.

-- 
Sphinx of black quartz judge my vow.
Article ID (AID): #1FeNPWBx (FB_security)