On Thu, 05 Jun 2014, 13:16 +0000, FreeBSD Security Advisories wrote: > Corrected:
> 2014-06-05 12:33:23 UTC (releng/9.2, 9.2-RELEASE-p8) > VI. Correction details > Branch/path Revision > ------------------------------------------------------------------------- > releng/9.2/ r267104 I've just src-upgraded a system and expected to see OpenSSL version 0.9.8za at the end of it all. I checked the patches and the OpenSSL version number wasn't touched. Is this an expected outcome? rwsrv04> uname -v; openssl version FreeBSD 9.2-RELEASE-p8 #0 r267130: Fri Jun 6 12:43:09 AEST 2014... OpenSSL 0.9.8y 5 Feb 2013 rwsrv04> ls -l /usr/lib/libssl.so.6 -r--r--r-- 1 root wheel 304808 6 Jun 13:31 /usr/lib/libssl.so.6 I understand that it was the FreeBSD distribution that was patched and not the OpenSSL distribution, but having the operating system and applications reporting a "vulnerable" version of OpenSSL isn't reassuring to other folks. -- John Marshall
pgperecHkl9Pt.pgp
Description: PGP signature
