Re: Applying security patches to 0.9.8a

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 17/04/18 06:36 PM, Rob Marshall wrote:
Hi,

The OS is SLES 10 SP3 and there are currently close to 80 binaries
that appear to use libssl.so.0.9.8. They are from a bunch of different
packages, so I would imagine that updating to anything more recent
than 0.9.8 would be a major hassle and possibly not even possible.

I did find openssl-0.9.8zh.tar.gz which was last modified in 2015
which is way better than 0.9.8a which hasn't been touched since 2005.
I'm trying to install 0.9.8zh now to see if that works.

But I know someone is going to ask: Can you apply all of the newer
security fixes to 0.9.8zh? So I'll ask...can I?


The ABI is very stable.  You would do well to build the latest openssl
as Rich Salz says.  The dates on this page are a mess but you need the
latest :  https://www.openssl.org/source/old/0.9.x/

So build it into a user home directory like $HOME/local and then set
your LD_LIBRARY_PATH to point to that new lib dir and test your apps
against it.  There should be a major issue.

If all goes well, as it should, just build the libs into /usr/local/ssl
and test your apps again.

If that goes well ... you could backup your old libs and symlink in the
new ones you just built.

Just an idea.  Not perfect.

Dennis
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux