FreeBSD Security Advisory FreeBSD-SA-03:18.openssl
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Sat Oct 4 09:08:17 PDT 2003
On Sat, 4 Oct 2003, Jacques A. Vidrine wrote:
> On Sat, Oct 04, 2003 at 03:22:42PM +0000, Bjoern A. Zeeb wrote:
> > Another question: can someone please confirm that mod_ssl.so from
> > apache 2.0.47 port is _not_ affected ?
>
> It _is_ affected, because it uses the affected portions of OpenSSL.
...
> mod_ssl.so uses dynamic linking. It would not require a rebuild nor
> would the compiler output necessarily change after a rebuild.
thanks. my fault.
mixed the imapct part with ...
: Note that any statically linked applications that are not part of the
: base system (i.e. from the Ports Collection or other 3rd-party sources)
: must be recompiled.
while mod_ssl comes form ports and is not part of the base system it
still uses (as you said) dynamic linking. So replacing the libs is
enough.
Thanks and happy weekend.
--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
56 69 73 69 74 http://www.zabbadoz.net/
More information about the freebsd-security
mailing list