sendmail broken by libssl in current
Dan Lukes
dan at obluda.cz
Wed Mar 11 14:55:33 UTC 2015
Paul Hoffman wrote:
> Can you say which email servers *other* than unpatched Ironport fail?
> Cisco has known about this for many months; see <https://tools.cisco.com/quickview/bug/CSCuo25276>
Note that Bug CSCuo25276 is considered duplicate of the bug CSCuo25329.
> If that's true (I can't confirm), why would we want to do a patch to our core crypto?
Good question. The following should be taken into consideration.
According CSCuo25329, the issue has been fixed on Mar 2,2015 in
8.0.2-055 and 8.5.6-063 release of Cisco Email Security Appliance.
There are three known affected releases only - 8.0.1-023, 8.5.0-473,
8.5.5-280
Dan
More information about the freebsd-security
mailing list