On Wed, Dec 28, 2005 at 02:16:26AM -0800, Steve Langasek wrote: > > The issue should be fixed by recompiling the client against a set of the > > libraries, and should affect only the 2.2.5-3 version under i386. Notice, > > also that the package has an undeclared dependency on libssl0.9.7 (the > > binary > > is linked against that one). > > Why do you say that? > > $ dpkg -x n/nessus-core/nessus_2.2.5-3_i386.deb /tmp/nessus > $ ldd /tmp/nessus/usr/bin/nessus |grep ssl > libssl.so.0.9.8 => not found > $ > > I don't see any reason to think that 2.2.5-3 is linked against 0.9.7.
Sorry, my mistake: * nessusd 2.2.5-3, the server, is linked against both 0.9.7 and 0.9.8 * nessusd 2.2.5-2, the server, is only linked against 0.9.7 * nessus 2.2.5-3, the client, is only linked against 0.9.8. * nessus 2.2.5-2, the client, is only linked against 0.9.7 The 2.2.5-2 client works with the 2.2.5-3 and 2.2.5-2 server. The 2.2.5-3 client does not work against any of the servers. It's the server that has an undeclared dependency (because it's linked against 0.9.7 but depends on just libssl0.9.8 (>= 0.9.8a-1)). A known fix is to have nessus, the server and client, link against just 0.9.7 (since it's known to work). Moving to 0.9.8 might require a recompile of other nessus related packages (nasl and nessus-plugins) in order for all of that to work out, it might be another (better?) option. Hopefully that clears it up. Regards Javier
signature.asc
Description: Digital signature
