FreeBSD Security Advisory FreeBSD-SA-09:15.ssl
Bogdan Ćulibrk
bc at default.rs
Thu Dec 10 11:42:54 UTC 2009
> Actually, pretty much anyone who uses client certificates in an
> enterprise environment is likely to have a problem with this, which is
> why the IETF TLS working group is working on publishing a protocol
> fix. It looks like that RFC should be published, at Proposed
> Standard, in a few weeks, and most vendors look prepared to release
> implementations of the fix immediately thereafter (as soon as the
> relevant constants are assigned by IANA).
>
> -GAWollman
This advisory kinda made big problem here in local (things stopped
working). I had to do rollback this update because of "session
renegotiation" breakage.
Is there some workaround to make things work along with this advisory?
Maybe switch to ports/security/openssl ?
Can anyone comment on this one?
Thanks in advance.
=bc
More information about the freebsd-security
mailing list