Date: Tue, 30 Apr 2002 15:48:06 -0700 (PDT) From: SolarfluX <solarflux@ziplip.com> To: freebsd-security@freebsd.org Subject: Re: Upgrading default OpenSSL Message-ID: <BNADYEQAHZACRJVM4XUB4XSVVJT4OSSRPYT1ADIE@ziplip.com>
next in thread | raw e-mail | index | archive | help
Would this question be more appropriate for freebsd-ports, if not here? I figured the ability (or lack of) to upgrade the default OpenSSL is more of a security issue first, then a ports issue second. I don't want to install OpenSSL manually using the source and have two different versions on my system. I want to replace the default version 0.9.6a with 0.9.6b (0.9.6c would be really nice). Could someone please comment on how this can (or cannot, and why) be done? >Normally, yes, that's what it is for, but not in this case. >From /usr/ports/security/openssl/Makefile: >#FORBIDDEN= "OpenSSL is already in the base system" >-S > -----Original Message----- > From: Jeff Palmer [mailto:scorpio@drkshdw.org] > Sent: Thursday, April 18, 2002, 12:39 AM > To: solarflux@ziplip.com > Subject: Re: Upgrading default OpenSSL > > Do you happen to know what the forbidden= is for? > Typically its due to a security related issue. It seems to me that you > want the latest/greatest OpenSSL/OpenSSH for security purposes.. so I'd > think this whole idea of commenting out the line, would be > counter-productive.. >> ----- Original Message ----- > From: "SolarfluX" <solarflux@ziplip.com> > To: <freebsd-security@freebsd.org> > Sent: Thursday, April 18, 2002 3:33 AM > Subject: Upgrading default OpenSSL >> > > Hi, > > > > I'd like to upgrade the default version of OpenSSL (0.9.6a) on 4.5-STABLE > to the latest available in ports (0.9.6b). I upgraded the default OpenSSH > to 3.1p using an entry in /etc/make.conf: > > > > OPENSSH_OVERWRITE_BASE=YES > > > > Can the same thing be done with OpenSSL (i.e. OPENSSL_OVERWRITE_BASE=YES), > after commenting out the FORBIDDEN lines in the Makefile? > > > > When will 0.9.6c (released Dec. 21, 2001) be incorporated? > > > > TIA To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BNADYEQAHZACRJVM4XUB4XSVVJT4OSSRPYT1ADIE>