OpenSSL on 8.3 (pfsense appliance)
Daniel Howard
dannyman at toldme.com
Tue Apr 8 19:42:30 UTC 2014
Hello,
Per the heartbleed vulnerability, I'm looking at a vulneranle pfsense
firewall appliance:
# /usr/bin/openssl version
OpenSSL 0.9.8y 5 Feb 2013
# /usr/local/bin/openssl version
OpenSSL 1.0.1e 11 Feb 2013
# ldd /usr/local/sbin/openvpn | grep libssl
libssl.so.8 => /usr/local/lib/libssl.so.8 (0x8007e9000)
Per Brian Drewery, the port has been fixed, but this appliance does not
have ports installed.
I see an openssl package here:
ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-8-stable/Latest/openssl.tbz
At this moment, the timestamp is January. Can one reasonably expect that
there is a process building updated packages for this branch? Can anyone
advise how long before a new openssl package is published here? Or should
I spin up an 8.3 box to build a package?
Has anyone else here patched a pfsense appliance yet? Last I saw their fix
ETA is Thursday.
Thanks,
-danny
--
http://dannyman.toldme.com
More information about the freebsd-security
mailing list