From owner-freebsd-security@FreeBSD.ORG  Mon Nov 21 13:51:23 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B10F316A41F
	for <freebsd-security@freebsd.org>;
	Mon, 21 Nov 2005 13:51:23 +0000 (GMT)
	(envelope-from sergey@kovalev.com.ru)
Received: from cp29.agava.net (cp29.agava.net [81.177.7.37])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3FAE343D45
	for <freebsd-security@freebsd.org>;
	Mon, 21 Nov 2005 13:51:22 +0000 (GMT)
	(envelope-from sergey@kovalev.com.ru)
Received: from drweb by cp29.agava.net with drweb-scanned (Exim 4.44 (FreeBSD))
	id 1EeC4e-0001Ga-9F; Mon, 21 Nov 2005 16:51:12 +0300
Received: from [213.152.157.43] (helo=[192.168.1.44])
	by cp29.agava.net with esmtpsa (TLSv1:AES256-SHA:256)
	(Exim 4.44 (FreeBSD))
	id 1EeC4d-0001F9-UY; Mon, 21 Nov 2005 16:51:12 +0300
Message-ID: <4381D108.6030803@kovalev.com.ru>
Date: Mon, 21 Nov 2005 16:52:08 +0300
From: Sergey Kovalev <sergey@kovalev.com.ru>
User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051113)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: timothy@open-networks.net
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse,
	please include it with any abuse report
X-AntiAbuse: Primary Hostname - cp29.agava.net
X-AntiAbuse: Original Domain - freebsd.org
X-AntiAbuse: Originator/Caller UID/GID - [426 426] / [26 6]
X-AntiAbuse: Sender Address Domain - kovalev.com.ru
X-Source: 
X-Source-Args: 
X-Source-Dir: 
Cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD-SA-05:21.openssl and 6.0
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Nov 2005 13:51:23 -0000

 > FreeBSD-SA-05:21.openssl.asc lists this advisory as for all releases,
 > yet the patch only applies up to 5.4 ? does this mean 6 release isn't
 > effected?

 > uname -a
FreeBSD support1.domain 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov  3 
09:36:13 UTC 2005     root@x64.samsco.home:/usr/obj/usr/src/sys/GENERIC 
  i386

 > grep -A 1 "FreeBSD-SA-05:21.openssl.asc" /usr/src/UPDATING
20051011:		FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.