2010/11/15 Jerry <freebsd.u...@seibercom.net>: > On Mon, 15 Nov 2010 16:17:10 +0300 > c0re <nr1c...@gmail.com> articulated: > >> If I look at base openssl in 7.3-RELEASE-p3 >> >> sys# openssl version -a >> OpenSSL 0.9.8e 23 Feb 2007 >> built on: Mon Sep 27 11:54:36 MSD 2010 >> platform: FreeBSD-i386 >> options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) >> blowfish(idx) compiler: cc >> OPENSSLDIR: "/etc/ssl" >> >> but at www.openssl.org I see that it's not recent version >> >> 01-Jun-2010: OpenSSL 0.9.8o is now available, including >> important bug and security fixes >> >> I know that freebsd security team make patches for base openssl, but >> how can I know what patchlevel of openssl in base version? >> >> Like "-p5" in "OpenSSL 0.9.8e-p5 23 Feb 2007". > > Why not just install the ports version: > > openssl version -a > OpenSSL 1.0.0a 1 Jun 2010 > built on: Sun Jun 6 12:19:12 EDT 2010 > platform: BSD-x86_64 > options: bn(64,64) rc4(8x,int) des(idx,cisc,16,int) idea(int) blowfish(idx) > compiler: cc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS > -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIOS -O3 > -DMD32_REG_T=int -Wall -O2 -pipe -march=athlon64 -fno-strict-aliasing > -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM > -DSHA512_ASM -DMD5_ASM -DAES_ASM -DWHIRLPOOL_ASM > OPENSSLDIR: "/usr/local/openssl" > > You would need to add this to the "/etc/make.conf" file first I believe: > > WITH_OPENSSL_PORT=yes >
There are still too many broken ports with openssl from ports, I do not like debug it and really like to use base openssl, almost no difference. But I just want to have some proves that base system openssl has security patches because 7.3-RELEASE base openssl is 0.9.8e, but 0.9.8e has got security vulnerabilities. But how can I be sure that freebsd base system with 0.9.8e version does not have any vulnerabilities? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
