Check your system, did you keep the old version, which seems to be the case, it would be. But why would you need it? its a security risk right?
> -----Original Message----- > From: Joel Osburn [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 08, 2003 12:11 PM > To: [EMAIL PROTECTED] > Subject: RE: [gentoo-user] Upgrading OpenSSL > > > In another response, MAL points out that revdep-rebuild rebuilds > binaries and libraries broken by other updates. In the > openssl/mod_ssl > case, neither mod_ssl nor mod_php were not broken by updating openssl; > rather mod_ssl needed to be recompiled to make use of the > newer openssl. > I gather that this has to do with static linking versus > dynamic linking. > Most programs that use openssl aren't statically linked to it, so they > probably only need to be restarted to make use of a new version of > openssl. And revdep-rebuild apparently only checks if *dynamic* > libraries are broken. > > So, when I run revdep-rebuild, it says that 'Dynamic linking on your > system is consistent... All done.' and does nothing. If I run it with > the '-X --soname-regexp' option, it reports 'There are no > dynamic links > to *ssl*... All done.' > > I don't think this helps this issue. > > > -----Original Message----- > > From: Jeffrey Smelser > > > > Um, This IS what your looking for... > > > > your upgrading openSSL which is a dependencies for mod_php > > lets say.. You run revdep-rebuild, and it will should mod_php > > needs to be recompiled... > > > > After some thinking, I used it for the upgrade to mysql. I > > upgraded it and it told me a few packages that compile in > > mysql support needed to be recompiled.. > > > > Am I missing something here?? > > > > > -----Original Message----- > > > From: Joel Osburn [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, October 08, 2003 11:41 AM > > > To: [EMAIL PROTECTED] > > > Subject: RE: [gentoo-user] Upgrading OpenSSL > > > > > > > > > Jeffrey Smelser: > > > > there is a rev-rebuild as part of the gentoolkit package. > > > Anytime you > > > > replace a library such as that.. Theory says, its suppose > > to provide > > > you > > > > with this information... I think it will even recompile > > things that > > > need > > > > to be recompiled. > > > > > > > > I have only used it once, and it worked for that.. I just > > > don't recall > > > what > > > > it was for... > > > > > > Hmmmm......It takes a 'qpkg --list gentoolkit' to reveal that > > > revdep-rebuild is provided in /usr/bin: > > > > > > files jtosburn # man revdep-rebuild > > > No manual entry for revdep-rebuild > > > > > > files jtosburn # revdep-rebuild --help > > > Usage: /usr/bin/revdep-rebuild [OPTIONS] [--] [EMERGE_OPTIONS] > > > > > > Broken reverse dependency rebuilder. > > > > > > -X, --package-names recompile based on package names, not exact > > > versions > > > --soname SONAME recompile packages using library > with SONAME > > > instead > > > of broken library > > > --soname-regexp SONAME > > > the same as --soname, but accepts > grep-style > > > regexp > > > -q, --quiet be less verbose > > > > > > Calls emerge, all other options are used for it (e. g. -p, > > --pretend). > > > > > > > > > If the developers think it's broken, then I wouldn't trust > > it, and I'm > > > not sure that it does what I'm looking for, anyway. > > > > > > So the question remains: how the heck do you know what > needs to be > > > recompiled after any given (particularly security-realted) > > > update? How > > > many people are still running a mod_ssl that was compiled with a > > > vulnerable openssl; sure they read the GLSA's and knew to update > > > openssl, but nothing was said about anything that is > > statically linked > > > to it. I don't expect that the devels would ever list > every program > > > possibly affected by a GLSA, but there ought o be a way for > > admins and > > > users to figure out what's what on their systems. > > > > > > -Joel Osburn > > > > > > > > > -- > > > [EMAIL PROTECTED] mailing list > > > > > > > > > > -- > > [EMAIL PROTECTED] mailing list > > > > > > > -- > [EMAIL PROTECTED] mailing list > > -- [EMAIL PROTECTED] mailing list
