FreeBSD Security Advisory FreeBSD-SA-14:14.openssl
John Marshall
john.marshall at riverwillow.com.au
Fri Jun 6 04:34:10 UTC 2014
On Thu, 05 Jun 2014, 13:16 +0000, FreeBSD Security Advisories wrote:
> Corrected:
> 2014-06-05 12:33:23 UTC (releng/9.2, 9.2-RELEASE-p8)
> VI. Correction details
> Branch/path Revision
> -------------------------------------------------------------------------
> releng/9.2/ r267104
I've just src-upgraded a system and expected to see OpenSSL version
0.9.8za at the end of it all. I checked the patches and the OpenSSL
version number wasn't touched. Is this an expected outcome?
rwsrv04> uname -v; openssl version
FreeBSD 9.2-RELEASE-p8 #0 r267130: Fri Jun 6 12:43:09 AEST 2014...
OpenSSL 0.9.8y 5 Feb 2013
rwsrv04> ls -l /usr/lib/libssl.so.6
-r--r--r-- 1 root wheel 304808 6 Jun 13:31 /usr/lib/libssl.so.6
I understand that it was the FreeBSD distribution that was patched and
not the OpenSSL distribution, but having the operating system and
applications reporting a "vulnerable" version of OpenSSL isn't
reassuring to other folks.
--
John Marshall
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20140606/b7d8f039/attachment.sig>
More information about the freebsd-security
mailing list