Patches for OpenSSL

jerry at jerry at
Thu Dec 10 11:55:21 UTC 2020

I just read "FreeBSD Security Advisory FreeBSD-SA-20:33.openssl". I found the following part of the message quite troubling.


"Note: The OpenSSL project has published publicly available patches for versions included in FreeBSD 12.x.  This vulnerability is also known to affect OpenSSL versions included in FreeBSD 11.4.  However, the OpenSSL project is only giving patches for that version to premium support contract holders.  The FreeBSD project does not have access to these patches and recommends ..."


Exactly why doesn't FreeBSD have access to the above mentioned 'patches'? Is this purely a financial matter? If so, then exactly how much are we talking about here? For one, I would be too interested in knowing the specifics regarding FreeBSD's inability to gain access to these patches.




-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 660 bytes
Desc: not available
URL: <>

More information about the freebsd-questions mailing list