FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
Franco Fichtner
franco at lastsummer.de
Fri Dec 11 21:44:15 UTC 2020
Hi Ben,
> On 11. Dec 2020, at 9:13 PM, Benjamin Kaduk <kaduk at mit.edu> wrote:
>
> Could you please clarify what you mean by "second tier crypto" and "first
> tier crypto"? I'm having a hard time understanding this statement.
Sorry for being unclear.
First tier = base system crypto for ports
Second tier = ports/packages crypto for ports
It's also true what John-Mark wrote that moving ports to ports-based
crypto does not solve security updates for the dependent base system
parts. pkg-base can fix this, but then that also requires to stay
clear of package ABI clashes in dependent packages, which requires
concerted updates of base and ports packages or at least some sort of
version constraint / mismatch detection via something other than the
FreeBSD version number.
Cheers,
Franco
More information about the freebsd-security
mailing list