From owner-freebsd-security@FreeBSD.ORG Tue Apr 8 19:02:23 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93545D89 for ; Tue, 8 Apr 2014 19:02:23 +0000 (UTC) Received: from mx1.adversec.com (adversec.com [94.23.253.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5E83616BF for ; Tue, 8 Apr 2014 19:02:23 +0000 (UTC) Date: Tue, 08 Apr 2014 20:54:35 +0200 From: Niklaus Schiess MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: Re: FreeBSD's heartbleed response References: <20140408174210.GA5433@behemoth> <20140408195049.04129f2a@azsupport.com> In-Reply-To: <20140408195049.04129f2a@azsupport.com> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 19:02:23 -0000 Plenty of FreeBSD deployments use 1.0.1x due to the lack of TLS 1.2 support in 0.9.x. So thats not an excuse. On 08.04.2014 19:50, Andrei wrote: > On Tue, 8 Apr 2014 10:46:12 -0700 > Mark Boolootian wrote: > >> While it may not be quite what you're looking for, ports contains >> OpenSSL 1.0.1g. > > And also FreeBSD 8.x/9.x not affected because have 0.9.x OpenSSL in base. > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > -- PGP FP: CB84 8C68 ADDB 6C50 7DF1 4227 F2A6 056A A799 76DA