From owner-freebsd-questions@freebsd.org  Mon Nov 13 16:18:03 2017
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57390DBE3EA
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Mon, 13 Nov 2017 16:18:03 +0000 (UTC) (envelope-from ml@netfence.it)
Received: from smtp207.alice.it (smtp207.alice.it [82.57.200.103])
 by mx1.freebsd.org (Postfix) with ESMTP id 1717673A0A
 for <freebsd-questions@freebsd.org>; Mon, 13 Nov 2017 16:18:02 +0000 (UTC)
 (envelope-from ml@netfence.it)
Received: from soth.ventu (95.245.124.219) by smtp207.alice.it (8.6.060.28)
 id 59D204AC077E5D04 for freebsd-questions@freebsd.org;
 Mon, 13 Nov 2017 17:18:00 +0100
Received: from alamar.ventu (alamar.local.netfence.it [10.1.2.18])
 by soth.ventu (8.15.2/8.15.2) with ESMTP id vADGHl39015002
 for <freebsd-questions@freebsd.org>; Mon, 13 Nov 2017 17:17:47 +0100 (CET)
 (envelope-from ml@netfence.it)
X-Authentication-Warning: soth.ventu: Host alamar.local.netfence.it
 [10.1.2.18] claimed to be alamar.ventu
From: Andrea Venturoli <ml@netfence.it>
Subject: OpenSSL CVE-2017-3736
To: freebsd-questions@freebsd.org
Message-ID: <a8f10b91-f0fa-77b1-cd98-993b31a11e66@netfence.it>
Date: Mon, 13 Nov 2017 17:17:42 +0100
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101
 Thunderbird/52.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2017 16:18:03 -0000

Hello.

A little bit out of curiosity and a little bit to plan my work...

I thought any version of FreeBSD would be affected by this 
vulnerability, but heard nothing on the list.

Am I wrong? Are we safe?
Is a SA coming?

I see devel/openssl was upgraded to 1.0.2m. Are we expected to go the 
port way?

  bye & Thanks
	av.