OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Ronald F. Guilmette
rfg at tristatelogic.com
Thu Apr 24 09:32:06 UTC 2014
In message <CAG5KPzyBSXFPzx6PZqu-9D9+ifn9ERNFc5Udxa4+sPJ2Fg3RSw at mail.gmail.com>
Ben Laurie <benl at freebsd.org> wrote:
>So where are your patches to fix these issues?
Moi?
Sorry. I'm confused. Was there something (anything) in or amongst
the comments I made have could have been construed or interpreted to
indicate that I personally was able to devote time to bugfixing on
these specific packages?
And more to the point, didn't I explicitly note that the OpenBSD dudes
are... according to published reports... already laboring away on a
slimed down and reorganized version of OpenSSL? Why would I or anyone
else want to spend (waste?) time hacking on this until those guys release
a new, improved and altogether svelte new version?
Regards,
rfg
More information about the freebsd-security
mailing list