On Thu, 6 Nov 2003, Cheryl Homiak wrote: > Well, this is kind of interesting. > I am using debian unstable. > when I check package status for openssl, it says the version is 0.9.7c--5. > But when I do > lynx --version > it says > Lynx Version 2.8.4rel.1 (17 Jul 2001) > libwww-FM 2.14, SSL-MM 1.4.1, OpenSSL 0.9.6c > Built on linux-gnu Nov 22 2002 21:54:44 > > so I assume the lynx --version is talking about what version it was built > on while the openssl package info is the ssl actually being used on my > system? Yes, and of course because there hasn't been a production version of Lynx since that one, the debian build won't have been updated in quite some time and I suspec t that 0.9.6C was current at that time. > I wondered about this, > because when you run "o" options in lynx, > under "user agent header" it has openssl0.96c listed. > Not meaning to sound vague; not quite sure what I'm asking except is this > a discrepancy that could cause a problem or is it just the difference > between what was originally used in the build and what is current on the > system? I don't think it would cause a problem, though if you're concerned you could take a look at the openssl web site, but it stands to reason that client-side implementations are not as problematic as server-side ones. I was really just making the comment that you probably don't want to be using such an old version of Openssl for your servers. Cheers. -- Toby Fisher Email: toby at tjfisher.co.uk Tel.: +44(0)1480 417272 Mobile: +44(0)7974 363239 ICQ: #61744808 Please avoid sending me Word or PowerPoint attachments. See http://www.fsf.org/philosophy/no-word-attachments.html
