From nobody Tue Apr 09 00:18:42 2024
X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VD65C12Xsz5G7gV;
	Tue,  9 Apr 2024 00:18:55 +0000 (UTC)
	(envelope-from freebsd-security-local@be-well.ilk.org)
Received: from be-well.ilk.org (be-well.ilk.org [23.30.133.173])
	by mx1.freebsd.org (Postfix) with ESMTP id 4VD65B2LNgz4cRp;
	Tue,  9 Apr 2024 00:18:54 +0000 (UTC)
	(envelope-from freebsd-security-local@be-well.ilk.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=pass (policy=none) header.from=ilk.org;
	spf=pass (mx1.freebsd.org: domain of freebsd-security-local@be-well.ilk.org designates 23.30.133.173 as permitted sender) smtp.mailfrom=freebsd-security-local@be-well.ilk.org
Received: from lowell-Ubuntu.lan (lowell-Ubuntu.lan [172.30.250.95])
	by be-well.ilk.org (Postfix) with ESMTP id D943F36E23;
	Mon, 08 Apr 2024 20:18:42 -0400 (EDT)
Received: by lowell-Ubuntu.lan (Postfix, from userid 1147)
	id 6628510803C3; Mon,  8 Apr 2024 20:18:42 -0400 (EDT)
From: Lowell Gilbert <freebsd-security-local@be-well.ilk.org>
To: The Doctor <doctor@doctor.nl2k.ab.ca>
Cc: freebsd-security@freebsd.org,  freebsd-ports@freebsd.org
Subject: Re: [tomas@openssl.org: OpenSSL Security Advisory]
In-Reply-To: <ZhP8ahh3CGG11S0B@doctor.nl2k.ab.ca> (The Doctor's message of
	"Mon, 8 Apr 2024 08:17:14 -0600")
References: <ZhP8ahh3CGG11S0B@doctor.nl2k.ab.ca>
Reply-To: freebsd-security@freebsd.org
Date: Mon, 08 Apr 2024 20:18:42 -0400
Message-ID: <4434rv1j8d.fsf@be-well.ilk.org>
User-Agent: Gnus/5.13 (Gnus v5.13)
List-Id: Security issues <freebsd-security.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-security
List-Help: <mailto:freebsd-security+help@freebsd.org>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Subscribe: <mailto:freebsd-security+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-security+unsubscribe@freebsd.org>
Sender: owner-freebsd-security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.60 / 15.00];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-0.999];
	NEURAL_HAM_SHORT(-0.90)[-0.899];
	DMARC_POLICY_ALLOW(-0.50)[ilk.org,none];
	R_SPF_ALLOW(-0.20)[+a];
	MIME_GOOD(-0.10)[text/plain];
	RCVD_NO_TLS_LAST(0.10)[];
	TO_DN_SOME(0.00)[];
	MIME_TRACE(0.00)[0:+];
	ARC_NA(0.00)[];
	ASN(0.00)[asn:7922, ipnet:23.30.0.0/15, country:US];
	MID_RHS_MATCH_FROM(0.00)[];
	R_DKIM_NA(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	HAS_REPLYTO(0.00)[freebsd-security@freebsd.org];
	REPLYTO_DOM_NEQ_FROM_DOM(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	TO_MATCH_ENVRCPT_SOME(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-ports@freebsd.org,freebsd-security@freebsd.org];
	RCPT_COUNT_THREE(0.00)[3]
X-Rspamd-Queue-Id: 4VD65B2LNgz4cRp

The Doctor <doctor@doctor.nl2k.ab.ca> writes:

> Thought they say low, I believe this is high as TLS 1.3 is becoming a default.

I think the low priority comes from the fact that even though a lot of
systems use TLS 1.3, only an extremely small number of them meet all of
the conditions for this to be exploited.

Be well.