Question regarding openssl update (dsa-288-1)

To: debian-user@lists.debian.org
Subject: Question regarding openssl update (dsa-288-1)
From: Fraser Campbell <fraser@wehave.net>
Date: Thu, 17 Apr 2003 10:28:32 -0400
Message-id: <[🔎] 200304171028.32811.fraser@wehave.net>

Hi,

I am curious what applications it are that might break with this update 
(stunnel sounds like one of them).  Here's the section of the advisory that 
has me concerned:

    You will have to decide whether you want the security update which is not
    thread-safe and recompile all applications that apparently fail after the
    upgrade, or fetch the additional source packages at the end of this
    advisory, recompile it and use a thread-safe OpenSSL library again, but
    also recompile all applications that make use of it (such as apache-ssl,
    mod_ssl, ssh etc.).

My main concerns are ssh and libapache-mod-ssl. will they break with this 
update ... they don't appear to have broken but maybe I'm missing something?  
Is there a list available of programs that are expected to break?

Full advisory at http://www.debian.org/security/2003/dsa-288

Thanks
-- 
Fraser Campbell <fraser@wehave.net>                 http://www.wehave.net/
Brampton, Ontario, Canada                                 Debian GNU/Linux

Reply to:

Follow-Ups:
- Re: Question regarding openssl update (dsa-288-1)
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Re: mount: Too many levels of symbolic links
Next by Date: Re: manual installing in Debian
Previous by thread: Re: Run commands at start-up
Next by thread: Re: Question regarding openssl update (dsa-288-1)
Index(es):
- Date
- Thread