FreeBSD Security Advisory FreeBSD-SA-14:06.openssl
Lena at lena.kiev.ua
Lena at lena.kiev.ua
Wed Apr 9 08:48:27 UTC 2014
> >systems that do not use OpenSSL to implement
> >the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
> >protocols implementation and do not use the ECDSA implementation from OpenSSL
> >are not vulnerable.
>
> Please help me find out if my systems are vulnerable.
>
> I use authenticated sendmail with security/cyrus-sasl2:
>
> # grep SENDMAIL /etc/make.conf
> SENDMAIL_CFLAGS+= -I/usr/local/include -DSASL=2
> SENDMAIL_LDFLAGS+= -L/usr/local/lib
> SENDMAIL_LDADD+= -lsasl2
> #
>
> I also use ssh-keygen(1).
>
> Am I affected?
Port mail/sendmail-sasl (sendmail+tls+sasl2-8.14.8) depends on the
openssl port. You need to upgrade the security/openssl port to
openssl-1.0.1_10 and restart sendmail.
SSH is not affected.
> Is it possible to list a few sample base OS
> programs or libraries which are affected?
Besides ports, only FreeBSD 10 base is affected. The recipe was posted here:
ldd /usr/bin/* /usr/sbin/* /bin/* 2>/dev/null | less
/ssl
More information about the freebsd-security
mailing list