Date: Wed, 31 Jul 2002 21:23:47 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG> To: Dirk Meyer <dirk.meyer@dinoex.sub.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Are OpenSSL bugs related to OpenSSH ? Message-ID: <20020801022347.GA20191@madman.nectar.cc> In-Reply-To: <NsihTOz9%2Bd@dmeyer.dinoex.sub.org> References: <Wx/oYHzdAA@dmeyer.dinoex.sub.org> <1028113366.1406.0.camel@linux> <200207311127.g6VBRWY98818@www.wsf.at> <Wx/oYHzdAA@dmeyer.dinoex.sub.org> <20020731151607.GD26793@madman.nectar.cc> <NsihTOz9%2Bd@dmeyer.dinoex.sub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 31, 2002 at 09:43:34PM +0200, Dirk Meyer wrote:
> It is not fully configures fault, as I found now way to tell ld
> to link with the desired libssl.so it the nubers are equal.
> As the port version is newer or equal the version in the base,
> linking with libssl.so from the ports is desired.
> So if no port is installed everything compiles and links with
> the base version, and when the port is installed each port can
> link against it.
I believe that ports that are not picking up libraries in
${LOCALBASE}/lib before they pick up those in /usr/lib are broken.
Generally, `configure' scripts will honor LIBS when looking for
libraries ... and generally ports should include $LOCALBASE in libs if
they are expected to use libraries that are not in the base system.
> The version BUMP makes this clear, even if the API is the same.
> Otherwise we have to hack about 200 ports to select.
I personally believe this is a very poor reason to bump the library
version. I'll go so far as to call it bogus. :-)
Cheers,
--
Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020801022347.GA20191>