Date: Thu, 15 Dec 2022 16:37:38 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 268069] security/clamav: 1.0.0 does no work with cld and cvd files Message-ID: <bug-268069-7788-v2bAzYofdG@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-268069-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-268069-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D268069 --- Comment #33 from fsbruva@yahoo.com --- (In reply to Yasuhiro Kimura from comment #31) That's a fair assessment. >From my perspective, given the age of openssl in the 12.3-RELEASE system (1.1.1l, circa Aug 2021), it shouldn't be surprising that I and others are using the port version.=20 The base openssl was built with numerous unsafe/obsolete ciphers, hashes and protocols, including: RC2, RC4, MD2, and MD4. This makes it unsuitable for a number of purposes, including as crypto engine in webserver. Upgrading to the latest in ports (1.1.1s, circa Nov 2022) closes the follow= ing vulnerabilities, among other bugs: CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-2097 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-268069-7788-v2bAzYofdG>