From owner-freebsd-security@FreeBSD.ORG Wed Apr 9 22:17:28 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 51F9AF9E for ; Wed, 9 Apr 2014 22:17:28 +0000 (UTC) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "anubis.delphij.net", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 32BFF1A71 for ; Wed, 9 Apr 2014 22:17:28 +0000 (UTC) Received: from zeta.ixsystems.com (unknown [69.198.165.132]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by anubis.delphij.net (Postfix) with ESMTPSA id AB04313A9A; Wed, 9 Apr 2014 15:17:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delphij.net; s=anubis; t=1397081847; bh=dPux8UkcEfO+KtOcizR86dn3icLhU3n3GTeEIfh2snA=; h=Date:From:Reply-To:To:Subject:References:In-Reply-To; b=zG25N8aoYU68f7PSxQlHXjcUsJakjbagMltKtCdBv6jxxueiopLoURxhw455nQDrY no6m+OeM5sZXiPG4FHYHGiWQxy43807VzM/j4jivdpo9WpOMbg30DYh3s3hFPS8k4F wEJnHR52nBJWLFHCeL8hV6BZfOevBEOrmMIkw8zg= Message-ID: <5345C6F7.8060105@delphij.net> Date: Wed, 09 Apr 2014 15:17:27 -0700 From: Xin Li Organization: The FreeBSD Project MIME-Version: 1.0 To: "Ronald F. Guilmette" , freebsd-security@freebsd.org Subject: Re: linux-f10-openssl References: <39203.1397081707@server1.tristatelogic.com> In-Reply-To: <39203.1397081707@server1.tristatelogic.com> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: d@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 22:17:28 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 04/09/14 15:15, Ronald F. Guilmette wrote: > > Does this port (linux-f10-openssl) also need to be > rebuilt/reinstalled? No, it's too old to be vulnerable to CVE-2014-0160 ("Heartbleed") vulnerability, however it may be affected by certain other OpenSSL issues. Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTRcb3AAoJEJW2GBstM+nsQe4P/3ME48vPhbUrInEGF/JKxPO/ JV+sqQ83zvrBYKsqUj1q3bzBzcahvmGtGxjW76wwXuiU2zFnL2VrhttVIFNL+mDw h3QoEpN768GJWwSBx5eTziH7Q0CQFa1DUQVongdK5DafDPNYL4HVFOac5lxGGByx u/eLpLhcYSM6xRYgCEvXhID0npAKQfaCWEQ1oOdmr/rlkobRKBnp6HcoXm7BH+WW 8LpS8FF8xfIJLy/ilpcflblFt+aeDQmtobigPg+qCFOSA7936U3M57TFF5/imPwV dZDXnInu9DPFwYGEGF98Bz9vhqPCewks0gYbf2WD98k7x+VFaei69UyxjnR0ptU3 DuFiJcalf+3qs/DoZQV/SLxypBvCuKnJUTBa9BRb+ZTYEmyCp+mkIfBndlM1Fd2O 5TgiAulsmS30Dqcn3OsoBTeOO1LkC9B8+ZcZe3KGvCaztQYqb8ID3ZhpcYxxhAuM 27R67MTd9O9aM/EFgT9W2d4+eV0YHYjh8JR6HEKBAtG7mWHRGg+gyoHpj7ZaHduW UniSGFUBMF2g7bF5WyosbbAIhNMukWj1SzgBTNaowWJGXfWRRRGXXHyXQToqtLrv NHy37lrUPC1pAX4iqCdVcymbbCNG/3z1k7EbPJe1Coob/WCbKZQGOovL/YABVs5B 3eaiNG0ueO84Vs3tnQBQ =f3T5 -----END PGP SIGNATURE-----