Hello! On Sat, Dec 19, 2009 at 09:58:49AM +0100, H. Ingow wrote:
[...] > Please try to compile your application against the version of openssl > available in the ports tree. > > As you already mentioned (SA-09:15) breaks renegotiation with base system's > openssl by fixing > a security issue ( it actually does). > > Prerequisite for the following is, of course, to install > /usr/ports/security/openssl which will give you > openssl 0.9.8l . (You do not necessarily have to remove the base openssl) OpenSSL 0.9.8l has renegotiation disabled too, this won't help. The only difference is that 0.9.8l has some means to re-enable legacy renegotiation which may be utilized by applications which are aware of the problem. Maxim Dounin _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
