FreeBSD's heartbleed response
John-Mark Gurney
jmg at funkthat.com
Tue Apr 8 19:26:45 UTC 2014
Florent Peterschmitt wrote this message on Tue, Apr 08, 2014 at 20:39 +0200:
> On 08/04/2014 19:46, Mark Boolootian wrote:
> > While it may not be quite what you're looking for, ports contains
> > OpenSSL 1.0.1g.
>
> Why not moving critical parts of the basesystem to ports, that will be
> installed at system installation of course?
Because we have programs in base that depend upon OpenSSL... so,
moving OpenSSL out of base is not really an option, unless you want
to remove fetch, hostapd, pkg, and wpa_supplicant from the base system,
we are stuck w/ OpenSSL in base...
yes, there is pkg there, how are you going to fetch packages to install
if you don't have that?
btw, all found w/ ldd /usr/bin/* /usr/sbin/* 2>/dev/null | less and
searching for libssl...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-security
mailing list