OpenSSL 0.9.8k -> 0.9.8l
Tim Gustafson
tjg at soe.ucsc.edu
Sat Apr 17 16:01:13 UTC 2010
> This isn't an answer to your question, but you could
> always use OpenSSL from the ports tree.
I'm hesitant to do so because in the past I've had problem when I've used the ports to upgrade base OS-level stuff, like OpenSSL or Sendmail, then the buildworld cycle overwrites the ports library and the ports library overwrites the OS-level stuff and so on, which in the past has caused general mayhem.
It seems to me that the exploits purported to exist in 0.9.8k are serious enough to merit an upgrade to 0.9.8l for everyone. Is there a reason why you wouldn't want to upgrade to 0.9.8l?
Tim Gustafson
Baskin School of Engineering
UC Santa Cruz
tjg at soe.ucsc.edu
831-459-5354
More information about the freebsd-security
mailing list