svn commit: r284436 - head/contrib/sendmail/src
Shawn Webb
shawn.webb at hardenedbsd.org
Tue Jun 16 20:49:32 UTC 2015
On Tue, 2015-06-16 at 02:58 +0000, Gregory Neil Shapiro wrote:
> Author: gshapiro
> Date: Tue Jun 16 02:58:50 2015
> New Revision: 284436
> URL: https://svnweb.freebsd.org/changeset/base/284436
>
> Log:
> The import of openssl to address the FreeBSD-SA-15:10.openssl security
> advisory includes a change which rejects handshakes with DH parameters
> below 768 bits. sendmail releases prior to 8.15.2 (not yet released),
> defaulted to a 512 bit DH parameter setting for client connections.
> This commit chages that default to 1024 bits. sendmail 8.15.2, when
> released well use a default of 2048 bits.
If upstream will be using 2048 bits, why not simply use that?
--
Shawn Webb
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20150616/71fe4c2f/attachment.sig>
More information about the svn-src-all
mailing list