FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
Robert Schulze
rs at bytecamp.net
Fri Dec 11 09:14:06 UTC 2020
Hi,
Am 11.12.20 um 07:46 schrieb John-Mark Gurney:
>
> Assuming 13 releases w/ OpenSSL, we'll be even in a worse situation
> than we are now. OpenSSL 3.0.0 has no support commitment announced
> yet, and sticking with 1.1.1 for 13 will put us even in a worse
> situation than we are today.
>
> What are peoples thoughts on how to address the support mismatch between
> FreeBSD and OpenSSL? And how to address it?
>
> IMO, FreeBSD does need to do something, and staying w/ OpenSSL does
> not look like a viable option.
>
you may install a current OpenSSL via ports if you like to.
I don't see any OpenSSL fork to be more reliable than its predecessor
but there has been done much work in the portstree to enable the system
administrator to switch.
There is not much left (if anything) to be done in FreeBSD itself
regarding the standard crypto library.
regards,
Robert Schulze
More information about the freebsd-security
mailing list