From owner-freebsd-questions@FreeBSD.ORG  Fri Apr 16 15:40:07 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BEBCA106566B
	for <freebsd-questions@freebsd.org>;
	Fri, 16 Apr 2010 15:40:07 +0000 (UTC)
	(envelope-from tjg@soe.ucsc.edu)
Received: from mail-01.cse.ucsc.edu (mail-01.cse.ucsc.edu [128.114.48.32])
	by mx1.freebsd.org (Postfix) with ESMTP id A59188FC0A
	for <freebsd-questions@freebsd.org>;
	Fri, 16 Apr 2010 15:40:07 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1])
	by mail-01.cse.ucsc.edu (Postfix) with ESMTP id 63149100836F
	for <freebsd-questions@freebsd.org>;
	Fri, 16 Apr 2010 08:40:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at mail-01.cse.ucsc.edu
Received: from mail-01.cse.ucsc.edu ([127.0.0.1])
	by localhost (mail-01.cse.ucsc.edu [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id FfKUNFIMhYC6 for <freebsd-questions@freebsd.org>;
	Fri, 16 Apr 2010 08:40:07 -0700 (PDT)
Received: from mail-01.cse.ucsc.edu (mail-01.cse.ucsc.edu [128.114.48.32])
	by mail-01.cse.ucsc.edu (Postfix) with ESMTP id 4E89410082C8
	for <freebsd-questions@freebsd.org>;
	Fri, 16 Apr 2010 08:40:07 -0700 (PDT)
Date: Fri, 16 Apr 2010 08:40:07 -0700 (PDT)
From: Tim Gustafson <tjg@soe.ucsc.edu>
To: freebsd-questions@freebsd.org
Message-ID: <579875351.673461271432407238.JavaMail.root@mail-01.cse.ucsc.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Originating-IP: [128.114.49.22]
X-Mailer: Zimbra 5.0.20_GA_3127.RHEL5_64 (ZimbraWebClient - FF3.0
	([unknown])/5.0.20_GA_3127.RHEL5_64)
Subject: OpenSSL 0.9.8k -> 0.9.8l
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Apr 2010 15:40:07 -0000

Hi,

I run a few web servers with need to be PCI compliant.  Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level.

I've csup'd to RELENG_8_0 and did a build/install cycle and OpenSSL is still at 0.9.8k.  Using RELENG_8 isn't really an option for me because the last I upgraded to that level, ipfw was broken and I'm not sure that the problem with ipfw has been fixed (Luigi tells me that it has, but I haven't had time to test it yet).

Is there any movement to patch RELENG_8_0 with OpenSSL 0.9.8l?  Or will I be stuck with 0.9.8k until I move to RELENG_8?

Tim Gustafson
Baskin School of Engineering
UC Santa Cruz
tjg@soe.ucsc.edu
831-459-5354