possibly silly question regarding freebsd-update
tech-lists
tech-lists at zyxst.net
Tue Mar 30 15:39:01 UTC 2021
On Tue, Mar 30, 2021 at 05:22:30PM +0200, Guido Falsi via freebsd-stable wrote:
>
>No, as you can see in the commit in the official git [1] while for
>current and stable the new upstream version of openssl was imported for
>the release the fix was applied without importing the new release and
>without changing the reported version of the library.
>
>So with 12.2p5 you do get the fix but don't get a new version of the
>library.
>
>
>[1]
>https://cgit.freebsd.org/src/commit/?h=releng/12.2&id=af61348d61f51a88b438d41c3c91b56b2b65ed9b
On this url, near the top, there's this:
"Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump
version." next to that, we have "releng/12.2".
So, I'm expecting the version information pertaining to
opensslto be bumped. Is this expectation unreasonable?
I'm not a developer.
--
J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20210330/4b50db49/attachment.sig>
More information about the freebsd-stable
mailing list