Hi, I want to report an openssl shared library versioning problem (ix86-linux).
Recently I have built and installed openssh-3.0.2p1 (using a shared library version of libcrypto), because the former version had some security holes. Before doing so I have upgraded from openssl-0.9.6a to 0.9.6c. After installing openssl, and thereby replacing libcrypto.so.0.9.6 from 0.9.6a by a library of the same name from 0.9.6c, but before building the new ssh, ssh complained about a build/use library version mismatch and failed. I think that ssh is perfectly justified in checking for a possible library version discrepancy. But if ssh is able to distinguish the libraries from 0.9.6a and 0.9.6c, then the sonames and full names of the respective shared libraries ought to be different, e.g libcrypto.so.0.9.6.3 or so. As far as I can see it there is nothing basically wrong with minor version 'numbers' such as "6.1" or maybe even "6c" (as long as you are not using GNU libtool). If, on the other hand, the libraries from 0.9.6a and 0.9.6c are binary compatible they certainly deserve the same soname, but then ssh shouln't be able to notice the difference. regards Peter Breitenlohner <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
