FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
John-Mark Gurney
jmg at funkthat.com
Fri Dec 11 19:57:26 UTC 2020
Robert Schulze wrote this message on Fri, Dec 11, 2020 at 10:14 +0100:
> Hi,
>
> Am 11.12.20 um 07:46 schrieb John-Mark Gurney:
> >
> > Assuming 13 releases w/ OpenSSL, we'll be even in a worse situation
> > than we are now. OpenSSL 3.0.0 has no support commitment announced
> > yet, and sticking with 1.1.1 for 13 will put us even in a worse
> > situation than we are today.
> >
> > What are peoples thoughts on how to address the support mismatch between
> > FreeBSD and OpenSSL? And how to address it?
> >
> > IMO, FreeBSD does need to do something, and staying w/ OpenSSL does
> > not look like a viable option.
>
> you may install a current OpenSSL via ports if you like to.
> I don't see any OpenSSL fork to be more reliable than its predecessor
> but there has been done much work in the portstree to enable the system
> administrator to switch.
That does not fix all the applications that are in base, like fetch,
that use OpenSSL.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-security
mailing list