Date: Wed, 12 Sep 2018 12:45:36 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 231326] security/openssl111 has default port options that are unsafe Message-ID: <bug-231326-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D231326 Bug ID: 231326 Summary: security/openssl111 has default port options that are unsafe Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: brnrd@freebsd.org Reporter: p5B2E9A8F@t-online.de Flags: maintainer-feedback?(brnrd@freebsd.org) Assignee: brnrd@freebsd.org Flags: maintainer-feedback? security/openssl111 has these default port options =3D=3D=3D=3D> Block Cipher Support ARIA=3Doff: ARIA (South Korean standard) DES=3Don: (Triple) Data Encryption Standard GOST=3Don: GOST (Russian standard) IDEA=3Doff: International Data Encryption Algorithm SM2=3Doff: SM2 (Chinese standard) SM3=3Doff: SM3 (Chinese standard) SM4=3Doff: SM4 (Chinese standard) RC2=3Don: RC2 (unsafe) RC4=3Don: RC4 (unsafe) RC5=3Doff: RC5 (patented) =3D=3D=3D=3D> Hash Function Support MD2=3Doff: MD2 (obsolete) MD4=3Don: MD4 (unsafe) MDC2=3Doff: MDC-2 (patented, requires DES) RMD160=3Don: RIPEMD-160 While one can debate if weak ciphers/hash functions should be enabled by default. But I think there should be no discussion necessary if and why _unsafe_ port options should be enabled by default. Please review your work and act accordingly. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-231326-7788>