On 4/8/2014 9:15 AM, Vick Khera wrote: > On Tue, Apr 8, 2014 at 9:11 AM, Jim Pingle <li...@pingle.org> wrote: >> Actually with the release engineering process fresh in our heads/muscle >> memory and everything practically set to go, it's not exactly a horrible >> time for it to have happened, but not ideal. > > Would testing be faster/easier if you just disabled the heartbeat > feature on the current open SSL version and recompiled? That > effectively removes the vulnerability too.
IMO, If we're recompiling anything at all we may as well update to a non-vulnerable version. No need for shortcuts. Jim _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list