Date: Tue, 30 Apr 2002 21:45:31 -0400 From: "Peter C. Lai" <sirmoo@cowbert.2y.net> To: SolarfluX <solarflux@ziplip.com> Cc: freebsd-security@freebsd.org Subject: Re: Upgrading default OpenSSL Message-ID: <20020430214531.A21901@cowbert.2y.net> In-Reply-To: <BNADYEQAHZACRJVM4XUB4XSVVJT4OSSRPYT1ADIE@ziplip.com>; from solarflux@ziplip.com on Tue, Apr 30, 2002 at 03:48:06PM -0700 References: <BNADYEQAHZACRJVM4XUB4XSVVJT4OSSRPYT1ADIE@ziplip.com>
next in thread | previous in thread | raw e-mail | index | archive | help
cvsup and make world? On Tue, Apr 30, 2002 at 03:48:06PM -0700, SolarfluX wrote: > Would this question be more appropriate for freebsd-ports, if not here? > > I figured the ability (or lack of) to upgrade the default OpenSSL is more of a > security issue first, then a ports issue second. I don't want to install OpenSSL > manually using the source and have two different versions on my system. I > want to replace the default version 0.9.6a with 0.9.6b (0.9.6c would be really > nice). Could someone please comment on how this can (or cannot, and why) be > done? > > >Normally, yes, that's what it is for, but not in this case. >From /usr/ports/security/openssl/Makefile: > > >#FORBIDDEN= "OpenSSL is already in the base system" > > >-S > > -----Original Message----- > > From: Jeff Palmer [mailto:scorpio@drkshdw.org] > > Sent: Thursday, April 18, 2002, 12:39 AM > > To: solarflux@ziplip.com > > Subject: Re: Upgrading default OpenSSL > > > > Do you happen to know what the forbidden= is for? > > Typically its due to a security related issue. It seems to me that you > > want the latest/greatest OpenSSL/OpenSSH for security purposes.. so I'd > > think this whole idea of commenting out the line, would be > > counter-productive.. > >> ----- Original Message ----- > > From: "SolarfluX" <solarflux@ziplip.com> > > To: <freebsd-security@freebsd.org> > > Sent: Thursday, April 18, 2002 3:33 AM > > Subject: Upgrading default OpenSSL > >> > > > Hi, > > > > > > I'd like to upgrade the default version of OpenSSL (0.9.6a) on 4.5-STABLE > > to the latest available in ports (0.9.6b). I upgraded the default OpenSSH > > to 3.1p using an entry in /etc/make.conf: > > > > > > OPENSSH_OVERWRITE_BASE=YES > > > > > > Can the same thing be done with OpenSSL (i.e. OPENSSL_OVERWRITE_BASE=YES), > > after commenting out the FORBIDDEN lines in the Makefile? > > > > > > When will 0.9.6c (released Dec. 21, 2001) be incorporated? > > > > > > TIA > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology | Undergraduate Research Assistant http://cowbert.2y.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020430214531.A21901>