-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "Sandip" == Sandip Bhattacharya <[EMAIL PROTECTED]> writes:
Sandip> Raj Mathur wrote: >> [Please upgrade OpenSSL on all platforms -- Raju] Sandip> [...] >> Who is affected? >> ---------------- >> >> All versions of OpenSSL up to and including 0.9.6j and 0.9.7b >> and all versions of SSLeay are affected. >> >> Any application that makes use of OpenSSL's ASN1 library to >> parse untrusted data. This includes all SSL or TLS >> applications, those using S/MIME (PKCS#7) or certificate >> generation routines. >> >> Recommendations >> --------------- >> >> Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL >> applications statically linked to OpenSSL libraries. >> Sandip> There I go recompiling apache again!!!!! Just did that Sandip> yesterday!!!!! :((((( Sandip> BTW, mod_ssl is unlikely to use static linking? So can I Sandip> just recompile and hope that the ssl applications after Sandip> restarting wont notice? [EMAIL PROTECTED] root]# ldd `which httpd` ... libssl.so.2 => /lib/libssl.so.2 (0x40040000) libcrypto.so.2 => /lib/libcrypto.so.2 (0x40070000) ... No need to recompile: most (all?) applications are dynamically linked with libssl and libcrypto, so you just need to upgrade OpenSSL and the apps are upgraded automatically. That's one of the advantages of shared libs, no? - -- Raju - -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F All your domain are belong to us. It is the mind that moves -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/> iD8DBQE/ej7gyWjQ78xo0X8RAlQLAJ9dBkVQ28QydRghHjZOAF7s6lgYAwCgjjNv 21Ia2Yeu2jEn95U6tnaXHEY= =Fggv -----END PGP SIGNATURE----- _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd