From owner-freebsd-security Tue Jul 30 12:55:42 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADF7E37B400 for ; Tue, 30 Jul 2002 12:55:38 -0700 (PDT) Received: from net2.dinoex.sub.org (net2.dinoex.de [212.184.201.182]) by mx1.FreeBSD.org (Postfix) with ESMTP id CCD2043E42 for ; Tue, 30 Jul 2002 12:55:36 -0700 (PDT) (envelope-from dirk.meyer@dinoex.sub.org) Received: from net2.dinoex.sub.org (dinoex@net2.dinoex.sub.org [127.0.0.1]) by net2.dinoex.sub.org (8.12.5/8.12.5) with ESMTP id g6UJt95H026146 for ; Tue, 30 Jul 2002 21:55:11 +0200 (CEST) (envelope-from dirk.meyer@dinoex.sub.org) X-MDaemon-Deliver-To: Received: from gate.dinoex.sub.org (dinoex@localhost) by net2.dinoex.sub.org (8.12.5/8.12.5/Submit) with BSMTP id g6UJt8b8026106 for ; Tue, 30 Jul 2002 21:55:08 +0200 (CEST) (envelope-from dirk.meyer@dinoex.sub.org) To: freebsd-security@FreeBSD.ORG Message-ID: From: dirk.meyer@dinoex.sub.org (Dirk Meyer) Organization: privat Subject: Re: Re[2]: About the openssl hole Date: Tue, 30 Jul 2002 21:49:12 +0200 X-Mailer: Dinoex 1.79 References: <004001c237cf$23c00560$fa00a8c0@elixor> <170112657687.20020730181657@buz.ch> <000d01c237e5$ceede1d0$fa00a8c0@elixor> <5113861671.20020730183701@buz.ch> <002301c237ea$04b4d4f0$fa00a8c0@elixor> <20020730181739.GA50219@laptop.lambertfam.org> X-Gateway: ZCONNECT gate.dinoex.sub.org [UNIX/Connect 0.94] X-Accept-Language: de,en X-PGP-Fingerprint: 44 16 EC 0A D3 3A 4F 28 8A 8A 47 93 F1 CF 2F 12 X-Noad: Please don't send me ad's by mail. I'm bored by this type of mail. X-Copyright: (C) Copyright 2001 by Dirk Meyer -- All rights reserved. X-Note: sending SPAM is a violation of both german and US law and will at least trigger a complaint at your provider's postmaster. X-PGP-Key-Avail: mailto:pgp-public-keys@keys.de.pgp.net Subject:GET 0x331CDA5D X-No-Archive: yes X-ZC-VIA: 20020730000000S+2@dinoex.sub.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Scott Lambert wrote: > But if you install the openssl port with -DOPENSSL_OVERWRITE_BASE, the > ports should simply see the "base" install of openssl and use it that > way, no? there is a version bump. > Do openssl using programs need to be recompiled for library changes > between OpenSSL 0.9.6a and OpenSSL 0.9.6d? ssh, sendmail, postfix, > stunnel, various pop3 and imap daemons, apache, ....? Yes you need to rebuild them all, to link against the new libssl.so.3 libcryptro.so.3 or apply the patch from the advisory in the base system. This will get you a modified libssl.so.2 libcryptro.so.2 kind regards Dirk - Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany - [dirk.meyer@dinoex.sub.org],[dirk.meyer@guug.de],[dinoex@FreeBSD.org] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message