Re: Forums.FreeBSD.org - SSL Issue?

2015-05-17 Thread Mel Pilgrim
On 2015-05-16 07:20, Kimmo Paasiala wrote: On Fri, May 15, 2015 at 9:34 PM, Roger Marquis wrote: Mark Felder wrote: Another option is a second openssl port, one that overwrites base and guarantees compatibility with RELEASE. Then we could at least have all versions of openssl in vuln.xml (no

Re: FreeBSD Security Advisory FreeBSD-SA-15:11.bind

2015-07-08 Thread Mel Pilgrim
On 2015-07-08 10:49, Mark Felder wrote: DNSSEC is not a requirement to run a DNS resolver. It is a requirement if you're using DANE or other technologies where the trust model relies on authenticated DNS. I've always understood the term "workaround" to mean "mitigate the problem without a loss

Re: FreeBSD Security Advisory FreeBSD-SA-16:17.openssl

2016-05-04 Thread Mel Pilgrim
On 5/4/2016 3:55 PM, FreeBSD Security Advisories wrote: FreeBSD-SA-16:17.openssl Security Advisory The FreeBSD Project Something seems amiss with the update servers: # freebsd-version 10.3-RELEASE-p1 #

Why no update of base/ports openssl for recent CVEs?

2017-11-21 Thread Mel Pilgrim
OpenSSL 1.0.2 before 1.0.2m (ports and 11.x base) are affected by CVE-2017-3735 and CVE-2017-3736, the most recent reported on 2 November. Why hasn't an SA and update for base been released, or security/openssl been updated?

Re: Why no update of base/ports openssl for recent CVEs?

2017-11-21 Thread Mel Pilgrim
On 2017-11-21 17:11, Robert Simmons wrote: I don't have an answer for base, but I think if you just update your ports tree, you will see the update to 1.0.2m was committed on Nov 2nd (2 weeks and 5 days ago): https://svnweb.freebsd.org/ports?view=revision&revision=453380 That explains ports: it

Re: FreeBSD Security Advisory FreeBSD-SA-17:11.openssl

2017-11-29 Thread Mel Pilgrim
On 2017-11-28 22:15, FreeBSD Security Advisories wrote: Corrected: 2017-11-02 18:30:41 UTC (stable/11, 11.1-STABLE) 2017-11-29 05:59:12 UTC (releng/11.1, 11.1-RELEASE-p5) 2017-11-29 05:59:12 UTC (releng/11.0, 11.0-RELEASE-p16) 27 days to merge from stable

Re: Jailing {open,}ntpd

2018-06-28 Thread Mel Pilgrim
On 06/27/2018 23:08, Thomas Steen Rasmussen wrote: Anything that speaks to untrusted network clients belongs in a jail, but to my knowledge both ntpds are unjailable because they want to use some kernel system calls (to adjust time) which are not allowed in jails (as it should be). In my opin

Can security/ca_root_nss be retired?

2023-01-19 Thread Mel Pilgrim
Given /usr/share/certs exists for all supported releases, is there any reason to keep the ca_root_nss port?

Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli

2023-02-09 Thread Mel Pilgrim
On 2023-02-08 11:08, FreeBSD Security Advisories wrote: FreeBSD-SA-23:01.geli Security Advisory The FreeBSD Project Topic

Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli

2023-02-15 Thread Mel Pilgrim
On 2023-02-10 3:25, Mariusz Zaborski wrote: To test decryption in dry mode (can be used on the decrypted device): echo -n | geli attach -C -p -k - dev If it succeeds you want to re-encrypt your devices. Does this count as a success or a failure? # echo -n | geli attach -C -p -k - gpt/zdata15

Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli

2023-02-17 Thread Mel Pilgrim
On 2023-02-16 17:27, grarpamp wrote: On 2/15/23, Mel Pilgrim wrote: # echo -n | geli attach -C -p -k - gpt/zdata15 geli: Wrong key for gpt/zdata15. geli: There was an error with at least one provider. That test failed so the "empty" or "NULL" key (aka "echo -n"