From owner-freebsd-security  Wed Jul 31  3:41:31 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6C93237B400; Wed, 31 Jul 2002 03:41:27 -0700 (PDT)
Received: from bunning.skiltech.com (bunning.skiltech.com [216.235.79.240])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id B7D3643E4A; Wed, 31 Jul 2002 03:41:26 -0700 (PDT)
	(envelope-from minter@lunenburg.org)
Received: (from root@localhost)
	by bunning.skiltech.com (8.12.3/8.12.3) id g6VAfPar083692;
	Wed, 31 Jul 2002 06:41:25 -0400 (EDT)
	(envelope-from minter@lunenburg.org)
Received: from dundas.lunenburg.org (rdu162-234-201.nc.rr.com [24.162.234.201])
	(authenticated bits=0)
	by bunning.skiltech.com (8.12.3/8.12.3) with ESMTP id g6VAfK04083675
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
	Wed, 31 Jul 2002 06:41:22 -0400 (EDT)
	(envelope-from minter@lunenburg.org)
Date: Wed, 31 Jul 2002 06:41:20 -0400
Subject: Re: OpenSSL workaround
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v482)
Cc: security@freebsd.org
To: "Jacques A. Vidrine" <nectar@freebsd.org>
From: "H. Wade Minter" <minter@lunenburg.org>
In-Reply-To: <20020731032131.GB38906@madman.nectar.cc>
Message-Id: <0CDD655A-A472-11D6-AA2C-003065819B10@lunenburg.org>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.482)
X-Virus-Scanned: by AMaViS perl-11
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


On Tuesday, July 30, 2002, at 11:21  PM, Jacques A. Vidrine wrote:

> On Tue, Jul 30, 2002 at 10:13:05PM -0400, H. Wade Minter wrote:
>> I saw that openssl got committed to RELENG_4_6 today, but haven't 
>> seen a
>> security announcement go by.  What's the recommended way to patch this
>> openssl hole?
>
> You can cvsup to RELENG_4_6.
>
> I probably won't send out the announcement until I've finished with
> RELENG_4_5 and RELENG_4_4, and that won't be tonight.  For various
> reasons, merging and testing the upgrade is time consuming.

I knew I should have been clearer.  :-)  I cvsup'd to RELENG_4_6, but am 
curious about the steps to fix the problem after that.   There's no 
standard Makefile in /usr/src/crypto/openssl/ - do I do the normal "make 
depend install" procedure on Makefile.org or Makefile.ssl instead?

--Wade


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message