On Thu, Nov 20, 2014 at 9:31 PM, Damien Miller <djm@xxxxxxxxxxx> wrote: > On Wed, 19 Nov 2014, Nico Kadel-Garcia wrote: > >> Use 6.6p1, or consider patching the check for openssl version in >> openbsd-compat/openssl-compat.h to ignore the failure, on the basis >> that RHEL has been backporting patches to openssl for RHEL 5.. > > Do you understand why that check exists in the first place? That's why I asked. A bit more digging shows that the HeartBleed bug apparently never applied to 0.9.8 versions of OpenSSL, the version used in RHEL 5, so that shouldn't be an issue there. OpenSSH version 6.6 was indeed, compatible with that older OpenSSL on RHEL 5, I even just tested its basic functionalit, so I assume it's not a major API incompatibility introduced with OpenSSH 6.7p1. So I'm now quite curious. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
