On Apr 8, 2014, at 4:39 PM, Rainer Duffner <[email protected]> wrote:
> > Am 08.04.2014 um 21:04 schrieb Jim Thompson <[email protected]>: > >> >> Well, that’s the point, Paul. (You hit the nail on the head.) >> >> If you don’t have an openssl service exposed, the problem doesn’t affect you. >> >> Since normally the web GUI isn’t exposed to the WAN, the attack surface is >> minimized. >> >> We are working at cutting a new release. > > > > Hi, > > according to: > > http://www.kb.cert.org/vuls/id/BLUU-9HY33E > > only FreeBSD 10 is affected. > > There are binary updates for FreeBSD 10 available, just no advisory-text. The advisory is now out (FreeBSD Security Advisory FreeBSD-SA-14:06.openssl). It includes this line: Affects: All supported versions of FreeBSD. I've already updated a bunch of FreeBSD 9.2-RELEASE-p3 and 10.0-RELEASE systems via freebsd-update. I'm updating my 9-STABLE and 10-STABLE systems now via a source update... Cheers, Paul. _______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
