[Bug 279891] freebsd-update fetch does not use any TLS which is a security risk
Date: Fri, 21 Jun 2024 12:18:27 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279891 Bug ID: 279891 Summary: freebsd-update fetch does not use any TLS which is a security risk Product: Base System Version: Unspecified Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: p5B2EA84B3@t-online.de Fetching system components without any Transport Layer Security must be considered as an exposure to mitm-risks. Please be advised that multiple policies in professional environments were rolled out that require TLS on ANY network connection. This means that FreeBSD will fail passing security audits due to that problem where there is such requirements. -- You are receiving this mail because: You are the assignee for the bug.