System based openssl

Michael Powell nightrecon at
Sat Mar 28 20:02:45 UTC 2015

Subscriber wrote:

> Hi.
> Witch version of system based OpenSSL last for FreeBSD 10.1?
> I have # uname -srm
> FreeBSD 10.1-RELEASE-p8 amd64
> # freebsd-version -ku
> 10.1-RELEASE-p8
> 10.1-RELEASE-p8
> # /usr/bin/openssl version
> OpenSSL 1.0.1l-freebsd 15 Jan 2015

This is correct. This is what is currently in the system base.
> But says the last version OpenSSL in 1.0.1 tree is 1.0.1m
> (19-Mar-2015)

This would have to be imported into the system base. This involves developer 
time and effort. It is not quite trivial.

There is also a newer OpenSSL in the ports tree. Version 1.0.2 if memory 
serves. I have seen bugs and problem reports filed against the 1.0.2 so I 
would be hesitant to just blindly 'install the port version' simply because 
it's newer. 

The FreeBSD devs do a pretty fair job at vetting what gets into the system 
base, and the resulting maintenance issues which arise from time to time. 
Trying to "outsmart" ones self with the delusion that I know more than they 
do is how many go about creating their own problems.
> No OpenSSL files available during freebsd-update:
> # freebsd-update fetch
> Looking up mirrors... 5 mirrors found.
> Fetching metadata signature for 10.1-RELEASE from
> done. Fetching metadata index... done.
> Inspecting system... done.
> Preparing to download files... done.
> The following files will be updated as part of updating to
> 10.1-RELEASE-p8: /boot/kernel/kernel
> What is wrong?
> Thx.

My first impression is nothing is wrong. You have what you're supposed to 
have. Other than that, I have never used freebsd-update so can't speak to 
anything relevant to that.


More information about the freebsd-questions mailing list