From owner-freebsd-security Wed Jul 31 19:23:53 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6300F37B401 for ; Wed, 31 Jul 2002 19:23:49 -0700 (PDT) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7896D43E72 for ; Wed, 31 Jul 2002 19:23:48 -0700 (PDT) (envelope-from nectar@nectar.cc) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id DA36354; Wed, 31 Jul 2002 21:23:47 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g712NlU4020272; Wed, 31 Jul 2002 21:23:47 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.3/8.12.3/Submit) id g712NlF0020271; Wed, 31 Jul 2002 21:23:47 -0500 (CDT) Date: Wed, 31 Jul 2002 21:23:47 -0500 From: "Jacques A. Vidrine" To: Dirk Meyer Cc: freebsd-security@FreeBSD.ORG Subject: Re: Are OpenSSL bugs related to OpenSSH ? Message-ID: <20020801022347.GA20191@madman.nectar.cc> Mail-Followup-To: "Jacques A. Vidrine" , Dirk Meyer , freebsd-security@FreeBSD.ORG References: <1028113366.1406.0.camel@linux> <200207311127.g6VBRWY98818@www.wsf.at> <20020731151607.GD26793@madman.nectar.cc> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Url: http://www.nectar.cc/ User-Agent: Mutt/1.5.1i-ja.1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Jul 31, 2002 at 09:43:34PM +0200, Dirk Meyer wrote: > It is not fully configures fault, as I found now way to tell ld > to link with the desired libssl.so it the nubers are equal. > As the port version is newer or equal the version in the base, > linking with libssl.so from the ports is desired. > So if no port is installed everything compiles and links with > the base version, and when the port is installed each port can > link against it. I believe that ports that are not picking up libraries in ${LOCALBASE}/lib before they pick up those in /usr/lib are broken. Generally, `configure' scripts will honor LIBS when looking for libraries ... and generally ports should include $LOCALBASE in libs if they are expected to use libraries that are not in the base system. > The version BUMP makes this clear, even if the API is the same. > Otherwise we have to hack about 200 ports to select. I personally believe this is a very poor reason to bump the library version. I'll go so far as to call it bogus. :-) Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message