Re: FreeBSD Security Advisory FreeBSD-SA-14:14.openssl
--n+lFg1Zro7sl44OB
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, 05 Jun 2014, 13:16 +0000, FreeBSD Security Advisories wrote:
> Corrected:
> 2014-06-05 12:33:23 UTC (releng/9.2, 9.2-RELEASE-p8)
> VI. Correction details
> Branch/path Revision
> -------------------------------------------------------------------------
> releng/9.2/ r267104
I've just src-upgraded a system and expected to see OpenSSL version
0.9.8za at the end of it all. I checked the patches and the OpenSSL
version number wasn't touched. Is this an expected outcome?
rwsrv04> uname -v; openssl version
FreeBSD 9.2-RELEASE-p8 #0 r267130: Fri Jun 6 12:43:09 AEST 2014...
OpenSSL 0.9.8y 5 Feb 2013
rwsrv04> ls -l /usr/lib/libssl.so.6
-r--r--r-- 1 root wheel 304808 6 Jun 13:31 /usr/lib/libssl.so.6
I understand that it was the FreeBSD distribution that was patched and
not the OpenSSL distribution, but having the operating system and
applications reporting a "vulnerable" version of OpenSSL isn't
reassuring to other folks.
--=20
John Marshall
--n+lFg1Zro7sl44OB
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)
iEYEARECAAYFAlORRLcACgkQw/tAaKKahKIhewCgsmZjvSAB8Irz7zySOuanv3Sc
xFEAn0h+TQ5hmLldOcVtHmoV6A0buPup
=+7zl
-----END PGP SIGNATURE-----
--n+lFg1Zro7sl44OB--
討論串 (同標題文章)
完整討論串 (本文為第 12 之 14 篇):