Re: FreeBSD's heartbleed response

Merijn Verstraaten merijn at inconsistent.nl
Tue Apr 8 18:17:56 UTC 2014


Unless I misunderstood earlier emails, the heartbeat extension is ALREADY disabled in base, therefore FreeBSD base isn't vulnerable and the only problem is people who installed a newer OpenSSL from ports.

Cheers,
Merijn

----- Reply message -----
From: "Nathan Dorfman" <na at rtfm.net>
To: "Mike Tancsa" <mike at sentex.net>
Cc: <freebsd-security at freebsd.org>
Subject: FreeBSD's heartbleed response
Date: Tue, Apr 8, 2014 20:05

Someone please correct me if I'm wrong, but I think simply adding
-DOPENSSL_NO_HEARTBEATS to crypto/openssl/Makefile (and recompiling!) is
sufficient to remove the vulnerability from the base system.

-nd.