FreeBSD's heartbleed response
Florent Peterschmitt
florent at peterschmitt.fr
Tue Apr 8 21:17:37 UTC 2014
Do we need to fetch them from the Internet?
Local packages can do the job, nope? But it will lead to kind of
bootstrapping… or everything as packages bootstrapped once for all.
And yes, it will not be some pie (a french stock phrase meaning it will
be hard, translated word for word :) ).
On 08/04/2014 21:26, John-Mark Gurney wrote:
> Florent Peterschmitt wrote this message on Tue, Apr 08, 2014 at 20:39 +0200:
>> On 08/04/2014 19:46, Mark Boolootian wrote:
>>> While it may not be quite what you're looking for, ports contains
>>> OpenSSL 1.0.1g.
>>
>> Why not moving critical parts of the basesystem to ports, that will be
>> installed at system installation of course?
>
> Because we have programs in base that depend upon OpenSSL... so,
> moving OpenSSL out of base is not really an option, unless you want
> to remove fetch, hostapd, pkg, and wpa_supplicant from the base system,
> we are stuck w/ OpenSSL in base...
>
> yes, there is pkg there, how are you going to fetch packages to install
> if you don't have that?
>
> btw, all found w/ ldd /usr/bin/* /usr/sbin/* 2>/dev/null | less and
> searching for libssl...
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 880 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20140408/69d79064/attachment.sig>
More information about the freebsd-security
mailing list