Bryan Drewery <bdrew...@freebsd.org> writes: > Also, that this was a partial release of 1.0.1g is confusing a LOT of > users. They think they are still vulnerable. They expect to see 1.0.1g > in 'openssl version'. We could have our own version string in 'openssl > version' to remedy this.
This is no different from what other OSes do, e.g. RHEL6.5: % cat /etc/redhat-release Red Hat Enterprise Linux Workstation release 6.5 (Santiago) % openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 % TZ=UTC rpm -qi openssl Name : openssl Relocations: (not relocatable) Version : 1.0.1e Vendor: Red Hat, Inc. Release : 16.el6_5.7 Build Date: Mon 07 Apr 2014 11:34:45 AM UTC Install Date: Tue 08 Apr 2014 05:18:52 AM UTC Build Host: x86-027.build.eng.bos.redhat.com [...] which despite the version number and date is *not* vulnerable. DES -- Dag-Erling Smørgrav - d...@des.no _______________________________________________ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
