Date: Tue, 16 Jun 2015 16:49:18 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Gregory Neil Shapiro <gshapiro@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r284436 - head/contrib/sendmail/src Message-ID: <1434487758.5828.6.camel@hardenedbsd.org> In-Reply-To: <201506160258.t5G2wo3a055792@svn.freebsd.org> References: <201506160258.t5G2wo3a055792@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-ON3oJiJYDEQXhbEZfHCO Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, 2015-06-16 at 02:58 +0000, Gregory Neil Shapiro wrote: > Author: gshapiro > Date: Tue Jun 16 02:58:50 2015 > New Revision: 284436 > URL: https://svnweb.freebsd.org/changeset/base/284436 >=20 > Log: > The import of openssl to address the FreeBSD-SA-15:10.openssl security > advisory includes a change which rejects handshakes with DH parameters > below 768 bits. sendmail releases prior to 8.15.2 (not yet released), > defaulted to a 512 bit DH parameter setting for client connections. > This commit chages that default to 1024 bits. sendmail 8.15.2, when > released well use a default of 2048 bits. If upstream will be using 2048 bits, why not simply use that? --=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --=-ON3oJiJYDEQXhbEZfHCO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCgAGBQJVgIvTAAoJEGqEZY9SRW7uKCoQAIUrVFiaOYURNRjde857s/kt aFef4lz6dLwDIIHiH4/c4mJWLaqJsVVxrGUB0yKoeyO8o2Si+1ogJaqhlSsJwIts fUviZRtF4kEB1vzBn0phzvx1Poxp6Nfe/VI8VxQVydW/PMxcck1hLbMAV+1eicxS bX7WARmrtUlL3CSCGF6RwZwyzNWgB81gSeoBQyK6AKYR/ORlaijPGgxJGIKoB4Z+ fNPBfXgrrXMXX5xzzPD5D38DHmM8nznjyNoQki3iJH6s6EcmiFKiZijLTYPW2EdW JATsEFviZ8PHYcYBd3jj5fdLRVdBzb1r+AO21JzStUHYJO1zj9KfQN37y+U3a2dN IAhqAxQwyQiCX6tJriakuOLVeFY8415GlIH2ts31yXvbHrDKCGM2BrdZGw55/JaS JK7VXKKpUGX2mYMHpTjzb3eEDb0YF/3ORyR78sAI7oTr9uaARA4VGwFM+frzPRlk DMLc+av8Iik+eSldODsQTBNJeC+T3kdx5s8g0HehYCiroAHD/2LX3X85UCaoGrwc yaKrZDyrl/5e8mcpW7bYy4bceOqxKEjJdAwvq1BDJhez7TDMnNoD4FTl5SUfhn43 SyDSvBOSStyzTu2MhMMobLxGlqCzPho1WRM0wZRy8duWjc6qN1syx8wZZ/O4bDMQ rXXl+GXdqFauF87UaH6Y =U1Xz -----END PGP SIGNATURE----- --=-ON3oJiJYDEQXhbEZfHCO--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1434487758.5828.6.camel>