Why no update of base/ports openssl for recent CVEs?

Mel Pilgrim list_freebsd at bluerosetech.com
Tue Nov 21 23:31:13 UTC 2017

Previous message (by thread): freebsd-update EoL "warning" prevents installing latest SAs
Next message (by thread): Why no update of base/ports openssl for recent CVEs?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

OpenSSL 1.0.2 before 1.0.2m (ports and 11.x base) are affected by 
CVE-2017-3735 and CVE-2017-3736, the most recent reported on 2 November.

Why hasn't an SA and update for base been released, or security/openssl 
been updated?

Previous message (by thread): freebsd-update EoL "warning" prevents installing latest SAs
Next message (by thread): Why no update of base/ports openssl for recent CVEs?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the freebsd-security mailing list