View previous topic :: View next topic |
Author |
Message |
d-bugger n00b
Joined: 21 Oct 2002 Posts: 6 Location: Belgium
|
Posted: Thu Feb 20, 2003 9:37 pm Post subject: openssl upgrade question |
|
|
I have a question on upgrading openssl:
Should I remerge all ebuilds who depend on it?
I'm a bit refering to the GLSA for openssl anounced today ...
Maybe this depends on what bugs were fixed? |
|
Back to top |
|
|
cram Guru
Joined: 17 Nov 2002 Posts: 312 Location: Saskatoon, Canada
|
Posted: Thu Feb 20, 2003 10:22 pm Post subject: |
|
|
Quote: | Should I remerge all ebuilds who depend on it? |
No, shouldn't be necessary. _________________ aaarggghhhh.
Good point Chewie. |
|
Back to top |
|
|
Zu` l33t
Joined: 26 May 2002 Posts: 716 Location: BE
|
Posted: Fri Feb 21, 2003 2:47 am Post subject: |
|
|
I've been wondering about this aswell, many times.
Can someone confirm it's really not needed ?
I think, if you want to be 100% sure, you could rebuild these packages:
Code: |
emerge -pev world | grep +ssl
|
Although that's not 100% to be trusted actually, there might be more packages that use ssl but don't have a USE flag for it (in other words, they need it, as a hard dependency). _________________ No growth without resistance.
No action without reaction.
No desire without restraint. |
|
Back to top |
|
|
psp Tux's lil' helper
Joined: 06 Aug 2002 Posts: 120 Location: Cape Town, South Africa
|
Posted: Fri Feb 21, 2003 1:41 pm Post subject: |
|
|
This shouldn't be a problem _UNLESS_ the binaries statically compile ssl into themselves... |
|
Back to top |
|
|
taveren Tux's lil' helper
Joined: 24 Jul 2002 Posts: 145 Location: London, Ontario
|
Posted: Fri Feb 21, 2003 2:14 pm Post subject: |
|
|
I just upgraded to 0.9.7a, it contains a very large warning that you must re-emerge everything that compiles against it. Now, this is most likely because I came up from 0.9.6h, but I can confirm that wget (which is compiled against 0.9.6h), doesn't work.
If you upgrade, only go up to 0.9.6i if your running something lower than that. |
|
Back to top |
|
|
taveren Tux's lil' helper
Joined: 24 Jul 2002 Posts: 145 Location: London, Ontario
|
Posted: Fri Feb 21, 2003 2:39 pm Post subject: |
|
|
I can also confirm that downgrading back to the previously installed version (in my case, 0.9.6h) will make everything work again, assuming you still have the tar file sitting in /usr/portage/distfiles. If you don't, or try to install a different version, wget will fail, since it was compiled against a different version of OpenSSL.
I downgraded backed to 0.9.6h, and then back up to 0.9.6i and everything still works without re-emergeing anything else. Hope this helps someone. |
|
Back to top |
|
|
|