From owner-freebsd-security@FreeBSD.ORG Sat Apr 28 23:39:19 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 73A3B1065670 for ; Sat, 28 Apr 2012 23:39:19 +0000 (UTC) (envelope-from rsimmons0@gmail.com) Received: from mail-vx0-f182.google.com (mail-vx0-f182.google.com [209.85.220.182]) by mx1.freebsd.org (Postfix) with ESMTP id 29AA38FC15 for ; Sat, 28 Apr 2012 23:39:19 +0000 (UTC) Received: by vcmm1 with SMTP id m1so1757984vcm.13 for ; Sat, 28 Apr 2012 16:39:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=gXXR1+YwJjL7ezQfCnT+nyDDDqlXMhl3mRjCokl+Nnc=; b=eKC7q0hKDZ/Mwe98sOmto5YOskXD7s4Onug1+aX26t23ew40/VbqNWlVR3k1etT0Nz W//87BRGmWeqAPLwmJOF8dlpMlq9xYmuvzzdOsY/dKhJL2w9aL+ZV1tEcIqPvRKE73US /nBIWRaX9/K2iMMePAJA7awz9U0V905cuuc6aZ75RRmOcCUVvBIslO8rcuWxLgg7xzkc PnzOtV2OaFscOuXB6z2T8ZwFyDhGacq/+tcLLWU9EizbLPBwb4El83RyITjBW8rg3Kbs Cf12x8+jEu8i67u9oYMifooSQ+OJB92AXiYAozhJAILECTs8c7tjwPy7O2gmS0meyipI gqBw== MIME-Version: 1.0 Received: by 10.52.95.42 with SMTP id dh10mr10546330vdb.37.1335656358176; Sat, 28 Apr 2012 16:39:18 -0700 (PDT) Received: by 10.52.66.239 with HTTP; Sat, 28 Apr 2012 16:39:18 -0700 (PDT) Date: Sat, 28 Apr 2012 19:39:18 -0400 Message-ID: From: Robert Simmons To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: OpenSSL and Heimdal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 23:39:19 -0000 Is there a plan to update OpenSSL to patch for CVE-2012-2131? Also, is the DOS vulnerability in libkrb5 that Heimdal 1.5.2 patches present in Heimdal 1.1 which shipped with 9.0-RELEASE?