FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
Martin Simmons
martin at lispworks.com
Fri Dec 11 11:48:12 UTC 2020
>>>>> On Wed, 9 Dec 2020 23:03:00 +0000 (UTC), FreeBSD Security Advisories said:
>
> Note: The OpenSSL project has published publicly available patches for
> versions included in FreeBSD 12.x. This vulnerability is also known to
> affect OpenSSL versions included in FreeBSD 11.4. However, the OpenSSL
> project is only giving patches for that version to premium support contract
> holders. The FreeBSD project does not have access to these patches and
> recommends FreeBSD 11.4 users to either upgrade to FreeBSD 12.x or leverage
> up to date versions of OpenSSL in the ports/pkg system. The FreeBSD Project
> may update this advisory to include FreeBSD 11.4 should patches become
> publicly available.
I see that Ubuntu have backported this (see 1.0.2n-1ubuntu5.5 in
https://launchpad.net/ubuntu/+source/openssl1.0).
__Martin
More information about the freebsd-security
mailing list