On 3/19/15 15:08 , Nick Jones via smartos-discuss wrote: > There was another round of OpenSSL revelations today, and while not as > severe as Heartbleed or POODLE, people are still advised to upgrade. > > https://infected.io/wp-content/uploads/2015/03/openssl_secadv_20150319.txt > > Any idea when we'll see a patch released and which platform versions will > be updated?
Hi Nick, Speaking from the platform's perspective, we've already pushed that and are working through the builds. It will be a part of the forthcoming release. The OpenSSL that is in the platform is used by very little for TLS. You can follow along with https://help.joyent.com/entries/64690430-Security-Advisory-SSL-Vulnerabilities-Identified for more news as well with respect to pkgsrc updates. Robert ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
