From owner-svn-src-all@FreeBSD.ORG Wed Apr 9 14:01:29 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38B619CC; Wed, 9 Apr 2014 14:01:29 +0000 (UTC) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id E9B4F1B4F; Wed, 9 Apr 2014 14:01:28 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id 0E2F2630A; Wed, 9 Apr 2014 14:01:28 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 45A00226; Wed, 9 Apr 2014 16:01:28 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bryan Drewery Subject: Re: svn commit: r264265 - in head: crypto/openssl/crypto/bn crypto/openssl/crypto/ec crypto/openssl/ssl sys/fs/nfsserver References: <201404081827.s38IRXiL048987@svn.freebsd.org> Date: Wed, 09 Apr 2014 16:01:28 +0200 In-Reply-To: (Bryan Drewery's message of "Tue, 08 Apr 2014 15:55:18 -0500") Message-ID: <86bnwa7gav.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Xin LI , secteam@FreeBSD.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 14:01:29 -0000 Bryan Drewery writes: > Also, that this was a partial release of 1.0.1g is confusing a LOT of > users. They think they are still vulnerable. They expect to see 1.0.1g > in 'openssl version'. We could have our own version string in 'openssl > version' to remedy this. This is no different from what other OSes do, e.g. RHEL6.5: % cat /etc/redhat-release=20 Red Hat Enterprise Linux Workstation release 6.5 (Santiago) % openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 % TZ=3DUTC rpm -qi openssl Name : openssl Relocations: (not relocatable) Version : 1.0.1e Vendor: Red Hat, Inc. Release : 16.el6_5.7 Build Date: Mon 07 Apr 2014 11:= 34:45 AM UTC Install Date: Tue 08 Apr 2014 05:18:52 AM UTC Build Host: x86-027.buil= d.eng.bos.redhat.com [...] which despite the version number and date is *not* vulnerable. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no