On 04/08/2014 03:34 PM, Jim Pingle wrote: > On 4/8/2014 9:15 AM, Vick Khera wrote: >> On Tue, Apr 8, 2014 at 9:11 AM, Jim Pingle <[email protected]> wrote: >>> Actually with the release engineering process fresh in our heads/muscle >>> memory and everything practically set to go, it's not exactly a horrible >>> time for it to have happened, but not ideal. >> Would testing be faster/easier if you just disabled the heartbeat >> feature on the current open SSL version and recompiled? That >> effectively removes the vulnerability too. > IMO, If we're recompiling anything at all we may as well update to a > non-vulnerable version. No need for shortcuts. > > Jim
oh man. this is a nightmare -- NSA is having a field day with this. how long has it been around? thanks m _______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
