Date: Sat, 13 Jun 2015 13:13:06 +0200 From: Michelle Sullivan <michelle@sorbs.net> To: Don Lewis <truckman@FreeBSD.org> Cc: ml@netfence.it, freebsd-ports@FreeBSD.org Subject: Re: OpenSSL Security Advisory [11 Jun 2015] Message-ID: <557C1042.4050405@sorbs.net> In-Reply-To: <201506130551.t5D5pqiO084627@gw.catspoiler.org> References: <201506130551.t5D5pqiO084627@gw.catspoiler.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Don Lewis wrote: > On 13 Jun, Michelle Sullivan wrote: > > >> SSH would be the biggie that most security departments are scared of... >> > > Well, ssh is available in ports, though I haven't checked to see that it > picks up the correct version of openssl. > > Problem is it doesn't have 'overwrite base' anymore - and openssh-portable66 which does have overwrite base is now marked depreciated... which means one would have to be very careful about how they use SSH in production as both server and client... Server is easier as it has a different _enable identifier... but the client is not distinguishable so unless one puts /usr/local/bin in their permanent path as a priority over /usr/bin one will use the wrong version. -- Michelle Sullivan http://www.mhix.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?557C1042.4050405>