OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Geir Råness (pulz_at_pulz.no)
Date: Tue Jul 30 2002 - 11:56:12 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I talked with an freind of mine who tried this solution, and he told me that it where only one patch that failed.
    If you remove the patch "patch-ah" the build will go fine.

    But as many know, the port of openssl will not completly replace the core openssl.
    (You could see this if you build mod_ssl)

    So the best thing is to wait for en offical patch.

    Best Regards
    Geir Råness

    ----- Original Message -----
    From: "Gabriel Ambuehl" <gabriel_ambuehlbuz.ch>
    To: "Geir Råness" <pulzpulz.no>
    Cc: <freebsd-securityfreebsd.org>
    Sent: Tuesday, July 30, 2002 6:37 PM
    Subject: Re[2]: About the openssl hole

    > -----BEGIN PGP SIGNED MESSAGE-----
    >
    > Hello Geir,
    >
    > Tuesday, July 30, 2002, 6:26:05 PM, you wrote:
    >
    > > I cant do that, but you could easy edit the old port your self and
    > fix it that way.
    >
    > Well I tried to do that... It's just that openssl.org is practically
    > down (you know what I mean...) and thus I was pretty much out of luck
    >
    > > It's your own choice what to do, if you want to risk it do so.
    >
    > I would have risked it (in any case, it's still better to kill SSL
    > services myself trying to defend from the blackhats than having the
    > blackhats destroying everything...)
    >
    > > If not, wait for the freebsd team to make an patch for us.
    >
    > That's more or less what I'm doing now.
    >
    > > If you take a quick look at the current branch you will se that
    > > the openssl is changed to 0.9.6.e, but as we know, current branch
    > aint so stable.
    >
    > I'll have another shot at current once the TrustedBSD stuff is in
    > cause I really want to have ACLs ASAP but running it in production is
    > entirely out of question right now.
    >
    >
    >
    > Best regards,
    > Gabriel
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: PGP 6.0.2i
    >
    > iQEVAwUBPUayoMZa2WpymlDxAQHS2wf9GgUFkA3eI2rSJlKYynsnzisode50bYdW
    > TINnOJW/8mYYUBTiIXDLYZ6Xt+ZZhu+0LzlCQcu9XvgHnxsabDztUYAdGt/XCmde
    > BAUysjmfoRR9FlUEjK9brovds/LKiKODoBSmN2LUSnPDUm0V0ojJbezfQPiRIEmc
    > yHa4cKxWJoMq4gRNRTOCLr2rwVe78rbK1xw3ICe+Z0cDUzJX8VzZijKfzY39aZ9L
    > OPSMdLQ0cJf1ASsJRthNRqzHc299oVdNbRoFia1AR9p1fpaN2u/0qu/9GxQQtYKY
    > T4z17Enao5A8Htf2tJcWZ1/+AXkJ639/gsYUflfV7HgLruEKAwIYoA==
    > =nLA8
    > -----END PGP SIGNATURE-----
    >
    >

    To Unsubscribe: send mail to majordomoFreeBSD.org
    with "unsubscribe freebsd-security" in the body of the message