On 11/19/2013 7:44 AM, Paul Hoffman wrote:
Greetings again. Why does this announcement only apply to:
Affects: FreeBSD 10.0-BETA
That might be the only version where aes128-gcm and aes256-gcm are in
the defaults, but other versions of FreeBSD allow you to specify
cipher lists in /etc/ssh/sshd_config. I would think that you would
need to update all systems running OpenSSH 6.2 and 6.3, according to
the CVE. FWIW, when I did a freebsd-update on my 9.2-RELEASE system,
sshd (6.2) was not updated.
The other requirement for being vulnerable is OpenSSH must be compiled
with TLS 1.2 support (i.e., linked to OpenSSL v1.0.1 or later). FreeBSD
9.2 only has OpenSSL 0.9.8.y.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
