From owner-freebsd-security Wed Jul 31 13:44:47 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0321037B400 for ; Wed, 31 Jul 2002 13:44:44 -0700 (PDT) Received: from clink.schulte.org (clink.schulte.org [209.134.156.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6167B43E42 for ; Wed, 31 Jul 2002 13:44:43 -0700 (PDT) (envelope-from schulte+freebsd@nospam.schulte.org) Received: from localhost (localhost [127.0.0.1]) by clink.schulte.org (Postfix) with ESMTP id EFFE92440D; Wed, 31 Jul 2002 15:44:41 -0500 (CDT) Received: from schulte-laptop.nospam.schulte.org (carpnod.schulte.org [209.134.156.200]) by clink.schulte.org (Postfix) with ESMTP id 97138243F7; Wed, 31 Jul 2002 15:44:39 -0500 (CDT) Message-Id: <5.1.1.6.2.20020731153229.03e9f388@localhost> X-Sender: X-Mailer: QUALCOMM Windows Eudora Version 5.1.1 Date: Wed, 31 Jul 2002 15:44:11 -0500 To: dirk.meyer@dinoex.sub.org (Dirk Meyer), freebsd-security@FreeBSD.ORG From: Christopher Schulte Subject: Re: Are OpenSSL bugs related to OpenSSH ? In-Reply-To: References: <1028113366.1406.0.camel@linux> <200207311127.g6VBRWY98818@www.wsf.at> <20020731151607.GD26793@madman.nectar.cc> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS 0.3.12pre6 on clink.schulte.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 09:43 PM 7/31/2002 +0200, Dirk Meyer wrote: >The version BUMP makes this clear, even if the API is the same. >Otherwise we have to hack about 200 ports to select. I installed the 0.9.6e openssl port to overwrite base (-DOPENSSL_OVERWRITE_BASE) and relinked my critical apps. I added: NO_OPENSSL= true to /etc/make.conf Now when I want to update to a patched RELENG_4_6, and use the base openssl, should I: 1) deinstall the port 2) remove make.conf declaration 3) cvsup/make world 4) recompile my third party apps again, because /usr/lib/libcrypto.so.3 and /usr/lib/libssl.so.3 are not used by the base openssl I'm only a tad confused with number 4. Was the .2 -> .3 change made just within the port or within openssl itself? Thanks! >kind regards Dirk > >- Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany >- [dirk.meyer@dinoex.sub.org],[dirk.meyer@guug.de],[dinoex@FreeBSD.org] -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message