[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: some FreeBSD ./configure problems

From: Mark . Burgess
Subject: Re: some FreeBSD ./configure problems
Date: Thu, 1 Aug 2002 15:16:02 +0200 (MET DST)

I don't think that any of the vulnerabilities apply to cfengine,
since only low level functions are used. None of the SSL/TLS
code is used.


On  1 Aug, David J. Bianco wrote:
> On Thu, 2002-08-01 at 07:49, address@hidden wrote:
>> > (1) cfengine depends on OpenSSL-0.9.6b but FreeBSD-STABLE only has 0.9.6a.
>> > I've looked at the OpenSSL ChangeLog and there don't appear to be any
>> > pressing reasons to require the later version, so could this be relaxed for
>> > convenience sake?
>> I think this might be ok, after all.
> Just a reminder, all versions prior to 0.9.6e (including the 0.7 beta) 
> have some serious security vulnerabilities which were announce this
> week.  I don't know if cfengine is using any of the pieces that have
> problems, but I think it's safe to say you should probably link anything
> you compile now to 0.9.6e or later.
>       David

Work: +47 22453272            Email:  address@hidden
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark

reply via email to

[Prev in Thread] Current Thread [Next in Thread]