What is affected by FreeBSD-SA-07:08.openssl ?
Daniel Bye
freebsd-questions at slightlystrange.org
Thu Oct 4 08:47:47 PDT 2007
On Thu, Oct 04, 2007 at 10:32:20AM -0400, Duane Winner wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Alexandre Biancalana wrote:
> > Hi list,
> >
> > A quick:
> >
> > $ grep -lr SSL_get_shared_ciphers /usr/src 2> /dev/null
> > /usr/src/crypto/openssl/apps/s_client.c
> > /usr/src/crypto/openssl/apps/s_server.c
> > /usr/src/crypto/openssl/doc/ssleay.txt
> > /usr/src/crypto/openssl/doc/ssl/ssl.pod
> > /usr/src/crypto/openssl/ssl/ssl.h
> > /usr/src/crypto/openssl/ssl/ssl_lib.c
> > /usr/src/crypto/openssl/util/ssleay.num
> > /usr/src/secure/lib/libssl/man/ssl.3
> >
> > Doesn't revel much about what is affected by this bug.... Have someone made
> > some deeper analysis about what is affected ?
>
> Related question:
>
> Would any ports which may have been built based on openssl libraries
> (apache, stunnel, etc.) need to be rebuilt after this openssl patch?
I would think it would be sufficient just to restart any such ports,
rather than completely rebuild them, to ensure that the updated version
of the OpenSSL libs are loaded, and not the old broken ones.
However, it can't do any harm to rebuild, if you're that worried about it.
I'm sure someone will put me right if that's not the case, though.
Dan
--
Daniel Bye
_
ASCII ribbon campaign ( )
- against HTML, vCards and X
- proprietary attachments in e-mail / \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071004/9b78d318/attachment.pgp
More information about the freebsd-questions
mailing list