[Bug 231326] security/openssl111 has default port options that are unsafe
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Sep 12 12:45:39 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231326
Bug ID: 231326
Summary: security/openssl111 has default port options that are
unsafe
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: brnrd at freebsd.org
Reporter: p5B2E9A8F at t-online.de
Flags: maintainer-feedback?(brnrd at freebsd.org)
Assignee: brnrd at freebsd.org
Flags: maintainer-feedback?
security/openssl111 has these default port options
====> Block Cipher Support
ARIA=off: ARIA (South Korean standard)
DES=on: (Triple) Data Encryption Standard
GOST=on: GOST (Russian standard)
IDEA=off: International Data Encryption Algorithm
SM2=off: SM2 (Chinese standard)
SM3=off: SM3 (Chinese standard)
SM4=off: SM4 (Chinese standard)
RC2=on: RC2 (unsafe)
RC4=on: RC4 (unsafe)
RC5=off: RC5 (patented)
====> Hash Function Support
MD2=off: MD2 (obsolete)
MD4=on: MD4 (unsafe)
MDC2=off: MDC-2 (patented, requires DES)
RMD160=on: RIPEMD-160
While one can debate if weak ciphers/hash functions should be enabled by
default. But I think there should be no discussion necessary if and why
_unsafe_ port options should be enabled by default.
Please review your work and act accordingly.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list