Date: Wed, 30 Apr 2014 17:47:07 +0400 From: Maxim Dounin <mdounin@mdounin.ru> To: Cstdenis <cstdenis@ctgameinfo.com> Cc: freebsd-security@freebsd.org Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-14:09.openssl Message-ID: <20140430134706.GD34696@mdounin.ru> In-Reply-To: <536089BC.3060002@ctgameinfo.com> References: <201404300435.s3U4ZA17093706@freefall.freebsd.org> <536089BC.3060002@ctgameinfo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! On Tue, Apr 29, 2014 at 10:27:24PM -0700, Cstdenis wrote: > Based on the CVE, it looks like older versions may also be vulnerable. > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298 Information on the link in question is misleading. Affected code appeared in OpenSSL 1.0.0 and doesn't exists in previous versions, hence this problem only affects FreeBSD 10.x. -- Maxim Dounin http://nginx.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140430134706.GD34696>