On Tue, Oct 11, 2016 at 12:36 PM, Joel Maslak <jmas...@antelope.net> wrote: > They backport security patches from new versions to the old version, but > don't backport most features. Thus even though RHEL 5 machines might be > running ".9.8e" (hopefully -40), they will have the critical security > patches - even though OpenSSL officially doesn't have them in .9.8e.
Sounds like the answer is a Gnu Configure-like philosophy of testing for the particular security issues with a small probe-script, to be compiled a Makefile.PL time. -y