On 5/29/2014 5:18 AM, Shunmugavel Krishnan wrote:
Hi,
I am planning to upgrade open SSL in my operating system(RHEL). I have
applications running in the system, i.e. Tomcat web application, Web server,
Message broker etc. Do i need to check for compatible issues before i go
with the upgrade. Thanks!
I don't know about RHEL, but I happen to know that the Debian and Ubuntu
distributions include detailed, instructions (and even automation) of
any necessary steps when they package OpenSSL upgrades.
In those distributions, they use "so-names" (major version numbers
inside the file names of the .so library files) to ensure that only
compatible openssl upgrades will be loaded into programs that were
compiled against openssl. And they also provide scripts and prompts
to restart any pre-packaged processes that need to be restarted to load
the upgraded library files.
In general, if only the small letter at the end of an OpenSSL version
number increases, and the new library is compiled with the same
configuration options, compiler etc. as the old one, upgrading is
supposed to just work. For example 1.0.1g should be a drop in upgrade
for 1.0.1d, but not for 0.9.8p. There was however a minor change
somewhere between 1.0.1a and 1.0.1e which affects the default behavior
of SSL programs if compiled against the 1.0.1a header files but run with
the 1.0.1f or later DLLs.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
