>From [email protected] Wed Apr 9 00:37:34 2014 > >IV. Workaround > >No workaround is available, but systems that do not use OpenSSL to implement >the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) >protocols implementation and do not use the ECDSA implementation from OpenSSL >are not vulnerable.
Please help me find out if my systems are vulnerable. I use authenticated sendmail with security/cyrus-sasl2: # grep SENDMAIL /etc/make.conf SENDMAIL_CFLAGS+= -I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl2 # I also use ssh-keygen(1). Am I affected? Is it possible to list a few sample base OS programs or libraries which are affected? Apologies if I completely misunderstood the advisory. Thanks _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
