FreeBSD Security Advisory FreeBSD-SA-15:10.openssl
Matthew Seaman
matthew at FreeBSD.org
Sun Jun 14 14:35:40 UTC 2015
On 13/06/2015 22:28, rollingbits (Lucas) wrote:
> On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories wrote:
>> 1) Upgrade your vulnerable system to a supported FreeBSD stable or
>> release / security branch (releng) dated after the correction date.
>
> Do I need rebuild my packages too?
You need to rebuild and re-install the ports version of OpenSSL, if
you're using it.
You need to rebuild and re-install anything that is statically linked
against OpenSSL libraries (either ports or base). This is trickier than
it sounds, because you need to either look at the source code /
Makefiles for the software, or use nm(1), objdump(1) or similar to check
for symbols from OpenSSL libraries in your statically linked binaries.
Fortunately, static linking against OpenSSL is a pretty unusual thing to do.
Having done the above, you need to restart anything that loads OpenSSL
shared libraries. That tends to be most network-aware software, so in
many cases it might be easier to just reboot.
Cheers,
Matthew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 971 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20150614/80873c45/attachment.sig>
More information about the freebsd-security
mailing list