openssl advisories

Herbert J. Skuhra herbert at
Wed Feb 24 09:25:04 UTC 2021

On Wed, Feb 24, 2021 at 09:34:53AM +0100, Andrea Venturoli wrote:
> Hello.
> I saw OpenSSL has published some security updates last week, which some
> other OSes have already provided updated packages for.
> So I was kinda expecting a batch of security advisories for FreeBSD in these
> days.
> I was surprised, however, to see nothing openssl related coming.
> Are we not affected? Is such an SA expected in a few days?
> I'd just hate to begin upgrading every system and need to start over again
> before I even finish :)

- current has openssl-1.1.1j.
- stable/12 and stable/13 have openssl-1.1.1j.
- stable/11 has backported patches. CVE-2021-23839 unpatched?
- releng/13.0 has openssl-1.1.1j.
- releng/12.2 has openssl-1.1.1h and is obviously unpatched
(CVE-2021-23840 and CVE-2021-23841):
- the openssl port (head and 2021Q1) has openssl-1.1.1j

Yes, the information is missing at


More information about the freebsd-questions mailing list