openssl version - how to verify

c0re nr1c0re at
Mon Nov 15 15:40:30 UTC 2010

2010/11/15 Jerry <freebsd.user at>:
> On Mon, 15 Nov 2010 16:17:10 +0300
> c0re <nr1c0re at> articulated:
>> If I look at base openssl in 7.3-RELEASE-p3
>> sys# openssl version -a
>> OpenSSL 0.9.8e 23 Feb 2007
>> built on: Mon Sep 27 11:54:36 MSD 2010
>> platform: FreeBSD-i386
>> options:  bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long)
>> blowfish(idx) compiler: cc
>> OPENSSLDIR: "/etc/ssl"
>> but at I see that it's not recent version
>> 01-Jun-2010:     OpenSSL 0.9.8o is now available, including
>> important bug and security fixes
>> I know that freebsd security team make patches for base openssl, but
>> how can I know what patchlevel of openssl in base version?
>> Like "-p5" in "OpenSSL 0.9.8e-p5 23 Feb 2007".
> Why not just install the ports version:
> openssl version -a
> OpenSSL 1.0.0a 1 Jun 2010
> built on: Sun Jun  6 12:19:12 EDT 2010
> platform: BSD-x86_64
> options:  bn(64,64) rc4(8x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
> OPENSSLDIR: "/usr/local/openssl"
> You would need to add this to the "/etc/make.conf" file first I believe:
>        WITH_OPENSSL_PORT=yes

There are still too many broken ports with openssl from ports, I do
not like debug it and really like to use base openssl, almost no
But I just want to have some proves that base system openssl has
security patches because 7.3-RELEASE base openssl is 0.9.8e, but
0.9.8e has got security vulnerabilities. But how can I be sure that
freebsd base system with 0.9.8e version does not have any

More information about the freebsd-questions mailing list