On Wed, Dec 25, 2013 at 10:52 AM, Mikhail T <mi+apa...@aldan.algebra.com> wrote: > On 20.12.2013 13:38, olli hauer wrote: >> md2 was deprecated in 2009 by the openssl project >> >> http://cvs.openssl.org/chngview?cn=18381 >> CVE-2009-2409 >> >> As fas as I know some Linux based projects have removed md2 from >> openssl-0.9.x in 2009. [..] > Could we, please, have MD2 resurrected before 10.0 is officially out? > Preferably in both -lmd and -lcrypto, but certainly in the former. Thank > you! Yours,
The time to bring this up was before the freeze for 10.0, a good 6+ months ago. It is way too late now. However.. the code in libmd had had a non-commercial use restriction.. Even if it wasn't too late, that code won't be back. Your best bet is to create a crypto/libmd2 port. Start with the code from openssl. -- Peter Wemm - pe...@wemm.org; pe...@freebsd.org; pe...@yahoo-inc.com; KI6FJV _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
