From owner-freebsd-questions@FreeBSD.ORG Thu Oct 4 15:47:47 2007 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B305716A420 for ; Thu, 4 Oct 2007 15:47:47 +0000 (UTC) (envelope-from freebsd-questions@slightlystrange.org) Received: from catflap.slightlystrange.org (cpc5-cmbg1-0-0-cust497.cmbg.cable.ntl.com [86.6.1.242]) by mx1.freebsd.org (Postfix) with ESMTP id 6D20313C4BF for ; Thu, 4 Oct 2007 15:47:47 +0000 (UTC) (envelope-from freebsd-questions@slightlystrange.org) Received: by catflap.slightlystrange.org (Postfix, from userid 106) id C566F6152; Thu, 4 Oct 2007 16:29:15 +0100 (BST) Received: from brick.slightlystrange.org (brick.slightlystrange.org [10.1.3.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by catflap.slightlystrange.org (Postfix) with ESMTP id D204360F8 for ; Thu, 4 Oct 2007 16:29:14 +0100 (BST) Received: (from danielby@localhost) by brick.slightlystrange.org (8.13.4/8.13.4/Submit) id l94FTCew075630 for questions@freebsd.org; Thu, 4 Oct 2007 16:29:12 +0100 (BST) (envelope-from freebsd-questions@slightlystrange.org) Date: Thu, 4 Oct 2007 16:29:12 +0100 From: Daniel Bye To: questions@freebsd.org Message-ID: <20071004152911.GC1255@slightlystrange.org> Mail-Followup-To: questions@freebsd.org References: <8e10486b0710040653w291bb6e2h2a73cd41812b0b70@mail.gmail.com> <4704F974.4010801@dwinner.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="32u276st3Jlj2kUU" Content-Disposition: inline In-Reply-To: <4704F974.4010801@dwinner.net> User-Agent: Mutt/1.4.2.3i X-PGP-Fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A Cc: Subject: Re: What is affected by FreeBSD-SA-07:08.openssl ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Bye List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Oct 2007 15:47:47 -0000 --32u276st3Jlj2kUU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 04, 2007 at 10:32:20AM -0400, Duane Winner wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > Alexandre Biancalana wrote: > > Hi list, > >=20 > > A quick: > >=20 > > $ grep -lr SSL_get_shared_ciphers /usr/src 2> /dev/null > > /usr/src/crypto/openssl/apps/s_client.c > > /usr/src/crypto/openssl/apps/s_server.c > > /usr/src/crypto/openssl/doc/ssleay.txt > > /usr/src/crypto/openssl/doc/ssl/ssl.pod > > /usr/src/crypto/openssl/ssl/ssl.h > > /usr/src/crypto/openssl/ssl/ssl_lib.c > > /usr/src/crypto/openssl/util/ssleay.num > > /usr/src/secure/lib/libssl/man/ssl.3 > >=20 > > Doesn't revel much about what is affected by this bug.... Have someone = made > > some deeper analysis about what is affected ? >=20 > Related question: >=20 > Would any ports which may have been built based on openssl libraries > (apache, stunnel, etc.) need to be rebuilt after this openssl patch? I would think it would be sufficient just to restart any such ports,=20 rather than completely rebuild them, to ensure that the updated version of the OpenSSL libs are loaded, and not the old broken ones. However, it can't do any harm to rebuild, if you're that worried about it. I'm sure someone will put me right if that's not the case, though. Dan --=20 Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --32u276st3Jlj2kUU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHBQbHixf5fBYiFmoRAjPuAKDBtZj9M/JELZVLTDIF7P+TW1o+SwCgtVYU K+ipvp6i2gINU5xbrgHHfSw= =wA1a -----END PGP SIGNATURE----- --32u276st3Jlj2kUU--