Date:      Tue, 08 Apr 2014 20:17:45 +0200
From:      "Merijn Verstraaten" <merijn@inconsistent.nl>
To:        "Nathan Dorfman" <na@rtfm.net>, "Mike Tancsa" <mike@sentex.net>
Cc:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD's heartbleed response
Message-ID:  <20140408181745.F06A2C007AD@frontend1.nyi.mail.srv.osa>

Unless I misunderstood earlier emails, the heartbeat extension is ALREADY disabled in base, therefore FreeBSD base isn't vulnerable and the only problem is people who installed a newer OpenSSL from ports.

Cheers,
Merijn

----- Reply message -----
From: "Nathan Dorfman" <na@rtfm.net>
To: "Mike Tancsa" <mike@sentex.net>
Cc: <freebsd-security@freebsd.org>
Subject: FreeBSD's heartbleed response
Date: Tue, Apr 8, 2014 20:05

Someone please correct me if I'm wrong, but I think simply adding
-DOPENSSL_NO_HEARTBEATS to crypto/openssl/Makefile (and recompiling!) is
sufficient to remove the vulnerability from the base system.

-nd.