OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others

Started by PerpetualNewbie, August 30, 2021, 11:38:23 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
September 10, 2021, 01:37:48 AM #15
Quote from: franco on September 06, 2021, 09:51:40 AM
21.7.2 is due tomorrow.
Cheers,
Franco

Franco - for important security updates like this - would they be backported to the previous version for a short period (e.g. 21.1.9 gets a hot fix for OpenSSL) ? I ask because it is not always easy to move to the new version immediately since it requires planning etc, but a hotfix for the current version is 100x easier to apply ...
September 10, 2021, 06:51:38 AM #16
Did you try to take the pkg and install manually in a test system? It should be compatible
September 10, 2021, 08:38:55 AM #17
Quote from: harshw on September 10, 2021, 01:37:48 AM
Franco - for important security updates like this - would they be backported to the previous version for a short period (e.g. 21.1.9 gets a hot fix for OpenSSL) ? I ask because it is not always easy to move to the new version immediately since it requires planning etc, but a hotfix for the current version is 100x easier to apply ...

Technically, this is what the business version is for... you are about three months behind on the next major version but important security fixes are carried out independently as was the case with 21.4.3 hotfix for OpenSSL.

Practically, you can always build and replace OpenSSL or any other piece of software with the ports tree.


Cheers,
Franco
Print
Go Up Pages 1 2
User actions