Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 25 Aug 2021 20:20:02 +0200
From:      Miroslav Lachman <000.fbsd@quip.cz>
To:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-21:16.openssl
Message-ID:  <7d35f093-e125-3328-e7b1-c4012fcd6106@quip.cz>
In-Reply-To: <7137A3E8-7B53-452B-8187-9F873A68A228@tetlows.org>
References:  <20210824205300.305BF72EF@freefall.freebsd.org> <44434c22-51c6-92cb-c9de-60fae4764347@sentex.net> <A032A5CA-9FF3-4DBE-A4AD-8AE20B48544D@tetlows.org> <c63f05fa-b710-e577-845e-c019c08de4df@sentex.net> <7137A3E8-7B53-452B-8187-9F873A68A228@tetlows.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 25/08/2021 17:35, Gordon Tetlow via freebsd-security wrote:

[...]

>> Hi Gordon,
>>
>>      I was thinking more in terms of just a mention that RELENG_11 is
>> indeed vulnerable, no ?
> 
> I hear you. We don't really have a way of doing that with our existing SA setup. It's oriented to releasing patches; it is not equipped to notify users of vulnerabilities that we do not have a patch for. Let me think on how we might support such a thing and discuss with the team.

Will it be published (marked as vulnerable) in vuln.xml so users of 
security/base-audit will be notified?

Kind regards
Miroslav Lachman



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7d35f093-e125-3328-e7b1-c4012fcd6106>