Re: FreeBSD Security Advisory FreeBSD-SA-14:06.openssl

看板FB_security作者時間11年前 (2014/04/10 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串9/14 (看更多)
----- Original Message ----- From: "Karl Denninger" <karl@denninger.net> On 4/9/2014 9:21 AM, Zoran Kolic wrote: >> Advisory claims 10.0 only to be affected. Patches to >> branch 9 are not of importance on the same level? >> >> > 9 (and before) were only impacted if you loaded the newer OpenSSL from > ports. A fair number of people did, however, as a means of preventing > BEAST attack vectors. > > If you did, then you need to update that and have all your private keys > re-issued. If you did not then you never had the buggy code in the > first place. Actually they are vulnerable without any ports install just not to CVE-2014-0160 only CVE-2014-0076, both of which where fixed by SA-14:06.openssl Regards Steve _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 killing. 的文章
文章代碼(AID): #1JHOhWEH (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 9 之 14 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共14篇)
更多 killing. 的文章
文章代碼(AID): #1JHOhWEH (FB_security)