From owner-freebsd-security@FreeBSD.ORG  Thu Jan 14 23:55:25 2010
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 75A6F1065695
	for <freebsd-security@freebsd.org>;
	Thu, 14 Jan 2010 23:55:25 +0000 (UTC) (envelope-from billy@nlcc.us)
Received: from toaster.abovetec.com (toaster.abovetec.com [208.75.177.126])
	by mx1.freebsd.org (Postfix) with ESMTP id 26FBD8FC1B
	for <freebsd-security@freebsd.org>;
	Thu, 14 Jan 2010 23:55:24 +0000 (UTC)
Received: (qmail 55737 invoked by uid 89); 14 Jan 2010 23:28:41 -0000
Received: from unknown (HELO ibm.nlcc.us) (67.54.213.138)
	by 127.0.0.21 with SMTP; 14 Jan 2010 23:28:41 -0000
Received: (qmail 61350 invoked by uid 89); 14 Jan 2010 23:28:35 -0000
Received: from unknown (HELO ?192.168.0.46?) (billy@192.168.0.46)
	by ibm.nlcc.us with ESMTPA; 14 Jan 2010 23:28:35 -0000
Message-ID: <4B4FA898.3090007@nlcc.us>
Date: Thu, 14 Jan 2010 17:28:24 -0600
From: Billy Newsom <billy@nlcc.us>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: freebsd-security@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Fri, 15 Jan 2010 00:21:15 +0000
Subject: OpenSSL marked deprecated?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jan 2010 23:55:25 -0000

Why is the OpenSSL port marked deprecated? No security issue, but the port 
builds... no fallback to a safe alternative, no known fix? Does the security 
team know?

===>  Cleaning for openssl-0.9.8l_1
===>  openssl-0.9.8l_1 is marked as broken: coredumps on i386 and amd64.
*** Error code 1

Maybe someone should explain this in a way we can understand? The port 
maintainer or "dinoex" is responsible....
dinoex@FreeBSD.org

 From the Makefile for the port:

# $FreeBSD: ports/security/openssl/Makefile,v 1.161 2010/01/12 15:43:52 dinoex 
Exp $

BROKEN=                coredumps on i386 and amd64
DEPRECATED=    has unfixed vulnerabilities
EXPIRATION_DATE=2010-01-12

Where have there been coredumps? Says who? Where? Why? How? When? Which 
version? Which OS?

Billy