Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

OpenSSL marked deprecated?

5 views
Skip to first unread message

Billy Newsom

unread,
Jan 14, 2010, 6:28:24 PM1/14/10
to freebsd-...@freebsd.org
Why is the OpenSSL port marked deprecated? No security issue, but the port
builds... no fallback to a safe alternative, no known fix? Does the security
team know?

===> Cleaning for openssl-0.9.8l_1
===> openssl-0.9.8l_1 is marked as broken: coredumps on i386 and amd64.
*** Error code 1

Maybe someone should explain this in a way we can understand? The port
maintainer or "dinoex" is responsible....
din...@FreeBSD.org

From the Makefile for the port:

# $FreeBSD: ports/security/openssl/Makefile,v 1.161 2010/01/12 15:43:52 dinoex
Exp $

BROKEN= coredumps on i386 and amd64
DEPRECATED= has unfixed vulnerabilities
EXPIRATION_DATE=2010-01-12

Where have there been coredumps? Says who? Where? Why? How? When? Which
version? Which OS?

Billy

Xin LI

unread,
Jan 14, 2010, 7:30:25 PM1/14/10
to freebsd-...@freebsd.org, bi...@nlcc.us
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2010/01/14 15:28, Billy Newsom wrote:
> Why is the OpenSSL port marked deprecated? No security issue, but the
> port builds... no fallback to a safe alternative, no known fix? Does the
> security team know?

Please update your ports tree, you have a stale version of the port...

Cheers,
- --
Xin LI <del...@delphij.net> http://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)

iQEcBAEBAgAGBQJLT7chAAoJEATO+BI/yjfBHUsH/25OGrb2rjTyuz8/BMrpIfiG
I20QWulnm5QwiAKY9yHHpyu+B4e49UZIySTpP/hIAfiaMLpSgKCpBHC6oRkCopaZ
naLrx7Ip6nRyjONNNalWZiP3rAcbzNpmHXoNzxORFX6GXhTFUpA8M9gWVmC8brH/
v/KDEgeXGLrR72JZdR9l/JLIQB6LiHKtU2yKg0QHPNoipz660KroQf0MibItGa4+
pws/XOwDI3vSIJ8PieDBD6J4pMgudF+P/a8fEWEd4CaHXpEqoE7RmKvMZ0IaM4NZ
Tvws2/ylPev1Ien0MTf05GhOwj5oL1qFS/ruXfWb9R9qEL4TvUhrZ7yOipjP0KQ=
=LBdg
-----END PGP SIGNATURE-----

Xin LI

unread,
Jan 14, 2010, 7:29:27 PM1/14/10
to freebsd-...@freebsd.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2010/01/14 15:28, Billy Newsom wrote:

> Why is the OpenSSL port marked deprecated? No security issue, but the
> port builds... no fallback to a safe alternative, no known fix? Does the
> security team know?

Please update your ports tree, you have a stale version of the port...

Cheers,
- --
Xin LI <del...@delphij.net> http://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)

iQEcBAEBAgAGBQJLT7bnAAoJEATO+BI/yjfBcKQH/2L1ejz5cDLn5oH6Ne+FWdep
cZMxd6EiWx2J005o5rKmVPPprTDVEcID2j2w1CTkMiGoW2LIFtEsbZb20OVvUGVc
0qaJw0b2lZZnqXKCieYzU+gsJP2fPUux0Px3awiNZUjY4rozxvo8XiUjOvvfQZR8
5JuT1/Cm6LxV0YLmAWFtLVtn4dGDzBZ+jangdiyBUrosKgiyrfFNpsgCwEh54Hyr
PDtgFvTpW7Ox6EwPv5ocUVsn5R2Rjd/hYH2/OvvNvqSc3Yn4gbN0v/ilkHxerobw
dNXur16YGaEXREnj+L9RxmWNG89tLCJzLxVHJHIb5cZtU4KEYOpyqukTzo3rVVs=
=qFfg
-----END PGP SIGNATURE-----

Kenyon Ralph

unread,
Jan 14, 2010, 7:31:15 PM1/14/10
to freebsd-...@freebsd.org
On 2010-01-14T17:28:24-0600, Billy Newsom <bi...@nlcc.us> wrote:
> Why is the OpenSSL port marked deprecated? No security issue, but
> the port builds... no fallback to a safe alternative, no known fix?
> Does the security team know?
[...]

> Where have there been coredumps? Says who? Where? Why? How? When?
> Which version? Which OS?

There is a thread about this on freebsd-ports, but I don't know if it
answers all of your questions (yet):
http://lists.freebsd.org/pipermail/freebsd-ports/2010-January/thread.html#58899

--
Kenyon Ralph

signature.asc
0 new messages