From owner-freebsd-security Fri Mar 21 2: 4:39 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55E5337B401 for ; Fri, 21 Mar 2003 02:04:37 -0800 (PST) Received: from arbor.panaso.com (arbor.panaso.com [199.60.48.160]) by mx1.FreeBSD.org (Postfix) with SMTP id C398343FB1 for ; Fri, 21 Mar 2003 02:04:36 -0800 (PST) (envelope-from tbaur@panaso.com) Received: (qmail 27606 invoked from network); 21 Mar 2003 09:57:55 -0000 Received: from unknown (HELO localhost) (127.0.0.1) by localhost.panaso.com with SMTP; 21 Mar 2003 09:57:55 -0000 Date: Fri, 21 Mar 2003 01:57:55 -0800 (PST) From: Tim Baur To: freebsd-security@FreeBSD.ORG Subject: Re: Patch for OpenSSL and freebsd 4.4 In-Reply-To: <3E7ADFAE.3000509@imc.nl> Message-ID: <0303210148040.31535@neobe.cnanfb.pbz> References: <3E7ADFAE.3000509@imc.nl> X-PGP: 0x44DB0D83 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 21 Mar 2003, Roelf Schreurs wrote: > I was wondering if there will be a patch release for the 2 new OpenSSl > vulnerabilities found this week? RELENG_4_4 is no longer supported by the security officer. Please review: http://www.ca.freebsd.org/security/index.html#adv You could however cvsup ports, and install the updated openssl port which contains the patches to address this advisory. You can also overwrite base system via OPENSSL_OVERWRITE_BASE. -tbaur dinoex 2003/03/18 22:26:53 PST FreeBSD ports repository Modified files: security/openssl Makefile Added files: security/openssl/files patch-security Log: - switch to USE_PERL5_BUILD - add security patch Approved by: kris Obtained from: http://www.openssl.org/news/secadv_20030317.txt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message