Why no update of base/ports openssl for recent CVEs?

Tue, 21 Nov 2017 15:31:57 -0800

OpenSSL 1.0.2 before 1.0.2m (ports and 11.x base) are affected by CVE-2017-3735 and CVE-2017-3736, the most recent reported on 2 November. 


Why hasn't an SA and update for base been released, or security/openssl 
been updated?

_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"






















					Reply via email to