From owner-freebsd-security@FreeBSD.ORG  Thu Nov 19 15:19:25 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7CAF21065694
	for <freebsd-security@freebsd.org>;
	Thu, 19 Nov 2009 15:19:25 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45])
	by mx1.freebsd.org (Postfix) with ESMTP id 2F7708FC25
	for <freebsd-security@freebsd.org>;
	Thu, 19 Nov 2009 15:19:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=codelabs.ru; s=two; h=Date:From:To:Cc:Subject:Message-ID:
	Reply-To:References:MIME-Version:Content-Type:In-Reply-To:
	Sender; bh=YWnYhRc/lKjzy1I1GuPDqSDmbOJU+ubZrRTxc5v+qS0=; b=cGS+U
	TaG8tKMzG63ZgOkdnQwLxs4xh9CHcdzhp7jfjJk7107NN/I4o9HRjdg6fBNGskc5
	X/Yxe68UxstHFGUjr4X1c9k16XEsXo9m4ZWuCOj08/LiA+XRTTWyS+WBQnUxw1uB
	LoPa+bw7oyLmcMlRTLpEkbMgOwRf64z+Yb2qZwsk2xV48OtFGoD1QTKvffpkJpCO
	VFoKMgK3Wnq2m5GA19urbeA4Mj8c4DVnEF6yi0z/BTVaBdhyRnyTXR1FuOlidCt9
	BF/0Vb5GPECzR+8wH/Fm9WYO9IMpbqEbw/veb9a9ehOumwvgAmiw865C59b1uq1y
	S+Z70ngKG+1WylCoQ==
Received: from amnesiac.at.no.dns ([144.206.156.8])
	by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256)
	id 1NB8n5-000J2n-Gk; Thu, 19 Nov 2009 18:19:23 +0300
Date: Thu, 19 Nov 2009 18:19:34 +0300
From: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To: Daniel <da@lonx.net>
Message-ID: <KI9LnJ3Asehbq/UIDVfEP5O83BI@q0/gIhzL8HZaYRGvDPRDsZrJDxo>
References: <1e50fb510911170347t59ba964dhf3110980a5e70161@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1e50fb510911170347t59ba964dhf3110980a5e70161@mail.gmail.com>
Sender: rea-fbsd@codelabs.ru
Cc: freebsd-security@freebsd.org
Subject: Re: Openssl TLS Reneg "Bug"
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: rea-fbsd@codelabs.ru
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2009 15:19:25 -0000

Tue, Nov 17, 2009 at 12:47:14PM +0100, Daniel wrote:
> new here so sorry if I am missing any important points. I was
> wondering#:   Does anyone know of the status of the "amended" openssl
> packages for FreeBSD. I'd like to try running our site with "reneg
> off", but I can't seem to find any notion of this on freebsd sites ?
> Any ideas, pointers ?

OpenSSL port was updated to 0.9.8l:
  http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssl/Makefile?rev=1.158;content-type=text%2Fx-cvsweb-markup

OpenSSL in the base system wasn't patched, according to the
svn.frebsd.org.
-- 
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook
    {_.-``-'         {_/            #