On Fri, Dec 08, 2017 at 04:08:02PM +0100, Olivier wrote: > Hello, > > When compiling Asterisk from source, the classical ./configure, make and > make install commands are issued. > > > If a vulnerabilty is found within Asterisk code, then Asterisk source code > is patched and depending on what files were touched parts or all of above > commands need to be re-issued. > > What should be done for Asterisk runtime dependencies ? > > Which of the following sentences is or are correct ? > > 1. All Asterisk runtime dependencies are delivered as .so files. Is this > correct ?
In standard Linux distributions, yes. > 2. I don't need to re-configure, re-compile or even re-start asterisk when > a such .so file is updated Hopefully, not reconfigure / recompile. Generally on properly-maintained distributions those libraries will change their name (SONAME) if they have non backward-compatible changes. In such a case you need to rebuild. This is why there's a number after the .so . As mentioned before, you need to restart, because otherwise you still use the original version of the library. -- Tzafrir Cohen +972-50-7952406 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users