[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness



On Sun, Nov 06, 2005 at 12:29:33PM +0100, Turbo Fredriksson wrote:
> Quoting joey@infodrom.org (Martin Schulze):
> 
> >                 oldstable (woody)      stable (sarge)     unstable (sid)
> > openssl          0.9.6c-2.woody.8       0.9.7e-3sarge1      0.9.8-3
> > openssl 094      0.9.4-6.woody.4             n/a              n/a
> > openssl 095      0.9.5a-6.woody.6            n/a              n/a
> > openssl 096           n/a               0.9.6m-1sarge1        n/a
> > openssl 097           n/a                    n/a            0.9.7g-5
> >
> > We recommend that you upgrade your libssl packages.
> 
> With an upgrade like this, doesn't all the packages that links with OpenSSL
> needs to be re-packaged?
> 

Umm, no.  That is why dynamic linking is used (almost) exclusively over
static linking for packaging.  You simply restart the apps/services that
are using libssl and they will reload with the updated library.

-Roberto
-- 
Roberto C. Sanchez
http://familiasanchez.net/~roberto

Attachment: pgpk3Em2ROD6I.pgp
Description: PGP signature


Reply to: