From owner-freebsd-security@freebsd.org Fri Dec 11 12:20:04 2020 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 64DB44AE620 for ; Fri, 11 Dec 2020 12:20:04 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from mail.lispworks.com (mail.lispworks.com [46.17.166.21]) by mx1.freebsd.org (Postfix) with ESMTP id 4Csqc34Nz4z3lFW for ; Fri, 11 Dec 2020 12:20:03 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (higson.cam.lispworks.com [192.168.1.7]) by lwfs1-cam.cam.lispworks.com (8.15.2/8.15.2) with ESMTP id 0BBCJY8o070864; Fri, 11 Dec 2020 12:19:34 GMT (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (localhost.localdomain [127.0.0.1]) by higson.cam.lispworks.com (8.14.4) id 0BBCJYxf000632; Fri, 11 Dec 2020 12:19:34 GMT Received: (from martin@localhost) by higson.cam.lispworks.com (8.14.4/8.14.4/Submit) id 0BBCJYSf000629; Fri, 11 Dec 2020 12:19:34 GMT Date: Fri, 11 Dec 2020 12:19:34 GMT Message-Id: <202012111219.0BBCJYSf000629@higson.cam.lispworks.com> From: Martin Simmons To: freebsd-security@freebsd.org In-reply-to: <2AF24633-7E9F-4B92-8E99-6A81CD9D3AF8@lastsummer.de> (message from Franco Fichtner on Fri, 11 Dec 2020 12:44:17 +0100) Subject: Re: FreeBSD Security Advisory FreeBSD-SA-20:33.openssl References: <20201209230300.03251CA1@freefall.freebsd.org> <20201211064628.GM31099@funkthat.com> <202012111138.0BBBc2Eq006002@higson.cam.lispworks.com> <2AF24633-7E9F-4B92-8E99-6A81CD9D3AF8@lastsummer.de> X-Rspamd-Queue-Id: 4Csqc34Nz4z3lFW X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of martin@lispworks.com has no SPF policy when checking 46.17.166.21) smtp.mailfrom=martin@lispworks.com X-Spamd-Result: default: False [2.00 / 15.00]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[46.17.166.21:from]; FREEFALL_USER(0.00)[martin]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(1.00)[1.000]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[lispworks.com]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[46.17.166.21:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_SPAM_LONG(1.00)[1.000]; RCVD_IN_DNSWL_NONE(0.00)[46.17.166.21:from]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:51055, ipnet:46.17.166.0/24, country:GB]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2020 12:20:04 -0000 >>>>> On Fri, 11 Dec 2020 12:44:17 +0100, Franco Fichtner said: > > > On 11. Dec 2020, at 12:38 PM, Martin Simmons wrote: > > > >>>>>> On Thu, 10 Dec 2020 22:46:28 -0800, John-Mark Gurney said: > >> > >> What are peoples thoughts on how to address the support mismatch between > >> FreeBSD and OpenSSL? And how to address it? > > > > Maybe it would help a little if the packages on pkg.FreeBSD.org all used the > > pkg version of OpenSSL? Currently, it looks like you have build your own > > ports if you want that. > > This pretty much breaks LibreSSL ports usage for binary package consumers. I'm talking about the binary packages from pkg.FreeBSD.org. Don't they always use the base OpenSSL at the moment? __Martin