Date: Fri, 11 Dec 2020 22:44:09 +0100 From: Franco Fichtner <franco@lastsummer.de> To: Benjamin Kaduk <kaduk@mit.edu> Cc: Martin Simmons <martin@lispworks.com>, pi8Raiwi via freebsd-security <freebsd-security@freebsd.org> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-20:33.openssl Message-ID: <83CE80AC-DBBE-49DC-B469-12E004739C51@lastsummer.de> In-Reply-To: <20201211201331.GJ64351@kduck.mit.edu> References: <202012111219.0BBCJYSf000629@higson.cam.lispworks.com> <612054DD-F857-455F-AF49-695A910A0D81@lastsummer.de> <20201211201331.GJ64351@kduck.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Ben, > On 11. Dec 2020, at 9:13 PM, Benjamin Kaduk <kaduk@mit.edu> wrote: > > Could you please clarify what you mean by "second tier crypto" and "first > tier crypto"? I'm having a hard time understanding this statement. Sorry for being unclear. First tier = base system crypto for ports Second tier = ports/packages crypto for ports It's also true what John-Mark wrote that moving ports to ports-based crypto does not solve security updates for the dependent base system parts. pkg-base can fix this, but then that also requires to stay clear of package ABI clashes in dependent packages, which requires concerted updates of base and ports packages or at least some sort of version constraint / mismatch detection via something other than the FreeBSD version number. Cheers, Franco
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?83CE80AC-DBBE-49DC-B469-12E004739C51>