[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: maillist at ja6.com (ja6.com)
Subject: OpenSSL - dynamically linked binaries?
I recently recompiled my mod_ssl apache box and php.... for the openssl
path,
had to recompile both php and apache to get the updated linkage...
--Jon
Honza Vlach wrote:
>Hello,
>I have upgraded my servers to latest OpenSSL version (0.9.7d) and
>restarted all daemons linked to it. Still, I'm a bit confused about what
>else should I recompile.
>
>I have checked apache mod_ssl and php module, which are both dynamically
>linked to the libssl.so.0.9.7. The thing, that confuses me lot is, when I
>look on the phpinfo(), it says "OpenSSL version 0.9.7c", which it
>was compiled against.
>
>Does this mean, that I'm still vulnerable, or it is just version
>hardcoded to the binary, while the library itself was sucessfully
>reloaded?
>
>What should be recompiled when there is new OpenSSL version issued?
>
>Have a nice day,
>Honza Vlach
>
>
>
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Powered by blists - more mailing lists