From owner-freebsd-security@FreeBSD.ORG  Wed Oct 12 00:38:59 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E693B16A41F
	for <freebsd-security@freebsd.org>;
	Wed, 12 Oct 2005 00:38:59 +0000 (GMT)
	(envelope-from cperciva@freebsd.org)
Received: from pd4mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net
	[24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7F8C343D45
	for <freebsd-security@freebsd.org>;
	Wed, 12 Oct 2005 00:38:59 +0000 (GMT)
	(envelope-from cperciva@freebsd.org)
Received: from pd3mr2so.prod.shaw.ca
	(pd3mr2so-qfe3.prod.shaw.ca [10.0.141.178]) by l-daemon
	(Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004))
	with ESMTP id <0IO8002KJ1S39KB0@l-daemon> for
	freebsd-security@freebsd.org; Tue, 11 Oct 2005 18:38:27 -0600 (MDT)
Received: from pn2ml2so.prod.shaw.ca ([10.0.121.146])
	by pd3mr2so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01
	(built Mar
	15 2004)) with ESMTP id <0IO800KV21S320F0@pd3mr2so.prod.shaw.ca> for
	freebsd-security@freebsd.org; Tue, 11 Oct 2005 18:38:27 -0600 (MDT)
Received: from [192.168.0.60]
	(S0106006067227a4a.vc.shawcable.net [24.87.209.6]) by l-daemon
	(iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003))
	with ESMTP id <0IO800B1L1S2QX@l-daemon> for
	freebsd-security@freebsd.org; Tue, 11 Oct 2005 18:38:27 -0600 (MDT)
Date: Tue, 11 Oct 2005 17:38:26 -0700
From: Colin Percival <cperciva@freebsd.org>
In-reply-to: <434C427D.40501@netfence.it>
To: Andrea Venturoli <ml@netfence.it>
Message-id: <434C5B02.8030904@freebsd.org>
MIME-version: 1.0
Content-type: text/plain; charset=ISO-8859-1
Content-transfer-encoding: 7bit
X-Accept-Language: en-us, en
X-Enigmail-Version: 0.92.1.0
References: <200510111202.j9BC2obf081876@freefall.freebsd.org>
	<434C427D.40501@netfence.it>
User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051001)
Cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2005 00:39:00 -0000

Andrea Venturoli wrote:
> FreeBSD Security Advisories wrote:
>> Note that any statically linked applications that are not part of the
>> base system (i.e. from the Ports Collection or other 3rd-party sources)
>> must be recompiled.
> 
> Ok, is there any way to list installed ports which are statically linked
> against OpenSSL?

There isn't any particularly good approach, unfortunately.  I think I'd
probably use a combination of find(1), file(1), and fgrep(1) to find any
executable files (via find) which are statically linked (using file) and
which contain the string "OpenSSL" (using fgrep).

Colin Percival