DSA-288 - a question

To: debian-security@lists.debian.org
Subject: DSA-288 - a question
From: Marcin Owsiany <porridge@debian.org>
Date: Tue, 22 Apr 2003 21:22:38 +0200
Message-id: <[🔎] 20030422192238.GA4376@menel>
Mail-followup-to: debian-security@lists.debian.org

Hi!

DSA 288 [0] says:

]  You will have to decide whether you want the security update which is
]  not thread-safe and recompile all applications that apparently fail
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
]  after the upgrade, [...]

Does that mean that installing 0.9.6c-2.woody.3 and then recompiling
e.g. stunnel against it will make it work fine even though openssl won't
be thread-safe?

If so, can anyone explain how recompiling an application can help?
(There are no differences in the library interface between
openssl-0.9.6c-2.woody.2 and openssl-0.9.6c-2.woody.3)

If not, then what does it refer to, and is there any way to make
threaded apps work with openssl 0.9.6c-2.woody.3?

regards

Marcin

[0] http://www.debian.org/security/2003/dsa-288
-- 
Marcin Owsiany <porridge@debian.org>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216

Reply to:

Follow-Ups:
- Re: DSA-288 - a question
  - From: Jason Lunz <lunz@falooley.org>
- Re: DSA-288 - a question
  - From: Arthur van Dorp <arthur_vd@gmx.net>

Prev by Date: Re: Network stress testing
Next by Date: Re: Network stress testing
Previous by thread: Re: HELP, my Debian Server was hacked!
Next by thread: Re: DSA-288 - a question
Index(es):
- Date
- Thread