Re: update of OpenSSL from tarball
J.D. Bronson [EMAIL PROTECTED] writes: I thought I would post to the group my solution for updating OpenSSL w/o having to rebuild the entire machine... # tar xzf openssl-0.9.7d.tar.gz # cd openssl-0.9.7d # ./config --prefix=/usr --openssldir=/etc/ssl # make # make test # make install ..this seems to correctly place all the files where they need to be with the exception of a few. I did recompile a few apps since they had ldd to older files that were incorrect. The problem is that I build most things from tarballs and overwrite alot of the base install binariesso if I did this fix the 'correct' way, I would have quite a mess on my hands. YMMV Most peoples' mileage *does* vary, because updating OpenSSL by itself isn't enough. Everything that linked to it statically needs to be updated as well, which most people won't have the skill (or inclination) to track down. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Dependencies of statically linked apps (was Re: update of OpenSSL from tarball)
On 20 Mar 2004, Lowell Gilbert wrote: J.D. Bronson [EMAIL PROTECTED] writes: ..this seems to correctly place all the files where they need to be with the exception of a few. I did recompile a few apps since they had ldd to older files that were incorrect. .. Most peoples' mileage *does* vary, because updating OpenSSL by itself isn't enough. Everything that linked to it statically needs to be updated as well, which most people won't have the skill (or inclination) to track down. Good point, but how _does_ one learn which libs have been statically linked when one has only the binary (assuming debug tags were stripped)? If common dependent apps are identified in the bug or fix report, well and good. Otherwise I don't see any alternative to that app's maintainers making the vulnerability information available. If there is a central list or clearing-house of such information, where would it be? - John Mills 1884 Ridgewood Dr, NE Atlanta, GA 30307-1166 404.377.2577 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
update of OpenSSL from tarball
I thought I would post to the group my solution for updating OpenSSL w/o having to rebuild the entire machine... # tar xzf openssl-0.9.7d.tar.gz # cd openssl-0.9.7d # ./config --prefix=/usr --openssldir=/etc/ssl # make # make test # make install ..this seems to correctly place all the files where they need to be with the exception of a few. I did recompile a few apps since they had ldd to older files that were incorrect. The problem is that I build most things from tarballs and overwrite alot of the base install binariesso if I did this fix the 'correct' way, I would have quite a mess on my hands. YMMV -JDB ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
