Date: Tue, 8 Apr 2014 12:26:38 -0700 From: John-Mark Gurney <jmg@funkthat.com> To: Florent Peterschmitt <florent@peterschmitt.fr> Cc: Mark Boolootian <booloo@ucsc.edu>, Chris Nehren <cnehren+freebsd-security@pobox.com>, freebsd-security@freebsd.org Subject: Re: FreeBSD's heartbleed response Message-ID: <20140408192638.GA34745@funkthat.com> In-Reply-To: <5344427B.3060205@peterschmitt.fr> References: <20140408174210.GA5433@behemoth> <CAMCLrkFXsnY-_KCw2PF0VtY6C0J-4CL03GzFskXmzUtLL2Ebig@mail.gmail.com> <5344427B.3060205@peterschmitt.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Florent Peterschmitt wrote this message on Tue, Apr 08, 2014 at 20:39 +0200:
> On 08/04/2014 19:46, Mark Boolootian wrote:
> > While it may not be quite what you're looking for, ports contains
> > OpenSSL 1.0.1g.
>
> Why not moving critical parts of the basesystem to ports, that will be
> installed at system installation of course?
Because we have programs in base that depend upon OpenSSL... so,
moving OpenSSL out of base is not really an option, unless you want
to remove fetch, hostapd, pkg, and wpa_supplicant from the base system,
we are stuck w/ OpenSSL in base...
yes, there is pkg there, how are you going to fetch packages to install
if you don't have that?
btw, all found w/ ldd /usr/bin/* /usr/sbin/* 2>/dev/null | less and
searching for libssl...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140408192638.GA34745>