> From [email protected] Mon Nov 15 09:38:53 2010
> Date: Mon, 15 Nov 2010 18:40:27 +0300
> From: c0re <[email protected]>
> To: FreeBSD <[email protected]>
> Subject: Re: openssl version - how to verify
>
> 2010/11/15 Jerry <[email protected]>:
> There are still too many broken ports with openssl from ports, I do
> not like debug it and really like to use base openssl, almost no
> difference.
> But I just want to have some proves that base system openssl has
> security patches because 7.3-RELEASE base openssl is 0.9.8e, but
> 0.9.8e has got security vulnerabilities. But how can I be sure that
> freebsd base system with 0.9.8e version does not have any
> vulnerabilities?
_authoritative_ answer: You _cannot_.
Statement rationale:
"The number of discovered bugs in any system is a finite number.
The number of _UNDISCOVERED_ bugs, on the other hand, is an infinite one.
By definition."
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[email protected]"
