[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED]
Per olof Ljungmark
peo at intersonic.se
Wed Apr 9 18:52:05 UTC 2014
Can someone please shed a little light why this advisory says STABLE/9
is affected, but
https://heartbleed.com/
says it is not?
I see
openssl version -a
OpenSSL 0.9.8y 5 Feb 2013
built on: date not available
platform: FreeBSD-amd64
options: bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,16,int)
blowfish(idx)
compiler: cc
OPENSSLDIR: "/etc/ssl"
from our STABLE/9 servers.
What am I missing here?
On 2014-04-09 03:06, FreeBSD Security Advisories wrote:
> =============================================================================
> FreeBSD-SA-14:06.openssl Security Advisory
> The FreeBSD Project
>
> Topic: OpenSSL multiple vulnerabilities
>
> Category: contrib
> Module: openssl
> Announced: 2014-04-08
> Affects: All supported versions of FreeBSD.
> Corrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE)
> 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1)
> 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE)
> 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4)
> 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11)
> 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE)
> 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8)
> 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15)
> CVE Name: CVE-2014-0076, CVE-2014-0160
>
More information about the freebsd-questions
mailing list