On 01/03/2018 14:48, Ronald F. Guilmette wrote:
>
> In message <477ab39d-286d-d9a2-d31e-fd5f7f167...@sentex.net>,
> Mike Tancsa wrote:
>
>> I am guessing this will impact FreeBSD as well ?
>>
>> http://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>
> Swell. Just swell.
>
> Why cou
Has anyone had time to discuss and form a plan for OpenSSL in stable/10,
now that 1.0.1 is end-of-life? I don't recall seeing any public
discussion or announcement; forgive me if I missed it.
Thanks,
Eric
___
freebsd-security@freebsd.org mailing list
On 08/22/2016 16:11, Bryan Drewery wrote:
> On 8/22/2016 1:01 PM, Eric van Gyzen wrote:
>> I had never looked at pam_ssh before. Does it really ignore authorized_keys
>> and
>
> Yeah, that was the entire purpose!
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=15
I had never looked at pam_ssh before. Does it really ignore authorized_keys and
allow authentication using any of the default key file names? After a quick
read of the code, that certainly seems to be the case. Does anyone else find
that alarming? Sure, it's in my ~/.ssh directory and has appro
Julian suggested that I share our private conversation:
Eric wrote:
> Regardless of my opinion on the topic, three of these are errata with no
> security implications, so the argument doesn't really apply in this context.
Julian wrote:
> Thanks Eric, fair point. So some of my argument doesnt a
On 10/01/2014 16:58, Bryan Drewery wrote:
> On 7/2/2014 8:55 PM, Bryan Drewery wrote:
>> On 7/2/2014 6:45 PM, Xin Li wrote:
>>> Hi,
>>>
>>> Currently, FreeBSD does not install a default /etc/ssl/cert.pem
>>> because we do not maintain one ourselves. We do, however, provide a
>>> port, security/ca_
