On Wed, Dec 28, 2005 at 10:57:42AM +0100, Javier Fernández-Sanguino Peña wrote:
severity 343487 grave
tags 343487 pending confirmed sid etch
reassign 343487 nessus
thanks
I downgraded the nessus client version to 2.2.5-2 (which is *not* compiled
against both 0.9.7 and 0.9.8 SSL libraries) and it worked fine.
The issue should be fixed by recompiling the client against a set of the
libraries, and should affect only the 2.2.5-3 version under i386. Notice,
also that the package has an undeclared dependency on libssl0.9.7 (the binary
is linked against that one).
I will try to rebuild it in a clean environment and see if I can get rid of
the libssl0.9.7 dependencies that way. Other nessus-related packages (libnasl
and nessus-plugins) might need to be recompiled too.
After seeing Javier's message on the nessus mailing list
(http://mail.nessus.org/pipermail/nessus/2005-December/msg00244.html,
which points to #338006, which is a bug in openssl 0.9.8), I tried
rebuilding nessus and nessusd in a clean sid chroot with only openssl
0.9.7 installed, as Javier suggested doing.
Because of Hadmut's message in this bug, I rebuild libnasl as well.
The resulting packages naturally only depend on libssl0.9.7, and seem
to work fine. This might be a workaround.
The re-built packages for sid are available on
http://zg.debian.zugschlus.de/zg/pool/main/libnasl and
http://zg.debian.zugschlus.de/zg/pool/main/nessus-core
Greetings
Marc
--
-
Marc Haber | I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
