Date: Sat, 4 Oct 2003 16:08:01 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: "Jacques A. Vidrine" <nectar@FreeBSD.org> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:18.openssl Message-ID: <Pine.BSF.4.53.0310041602110.60080@e0-0.zab2.int.zabbadoz.net> In-Reply-To: <20031004160010.GA96970@hellblazer.celabo.org> References: <200310032249.h93MnXS8047857@freefall.freebsd.org> <Pine.BSF.4.53.0310041506140.60080@e0-0.zab2.int.zabbadoz.net> <20031004160010.GA96970@hellblazer.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Oct 2003, Jacques A. Vidrine wrote: > On Sat, Oct 04, 2003 at 03:22:42PM +0000, Bjoern A. Zeeb wrote: > > Another question: can someone please confirm that mod_ssl.so from > > apache 2.0.47 port is _not_ affected ? > > It _is_ affected, because it uses the affected portions of OpenSSL. ... > mod_ssl.so uses dynamic linking. It would not require a rebuild nor > would the compiler output necessarily change after a rebuild. thanks. my fault. mixed the imapct part with ... : Note that any statically linked applications that are not part of the : base system (i.e. from the Ports Collection or other 3rd-party sources) : must be recompiled. while mod_ssl comes form ports and is not part of the base system it still uses (as you said) dynamic linking. So replacing the libs is enough. Thanks and happy weekend. -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.53.0310041602110.60080>