Date: Fri, 13 Oct 2006 18:20:53 +0200 From: =?iso-8859-1?Q?Cl=E9ment_Moulin?= <cmoulin@simplerezo.com> To: <freebsd-security@freebsd.org> Subject: RE: I cannot upgrade openssl-stablr Message-ID: <000a01c6eee3$8e56d500$7006a8c0@nb03> In-Reply-To: <tUXijs4jgM@dmeyer.dinoex.sub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Dirk Meyer a =E9crit: > >OPENSSL_OVERWRITE_BASE=3Dyes >sould be used with extreme caution! > >This might break your base application in cases like this, when the = base uses a diffrent api as the ports does. > That's totally true. I was wondering if, to avoid ports problem with openssl (and maybe some = over libs/important parts) - because somes refers directly to the openssl = base, others to the ports one -, we might try to find a way to have openssl - = in future release - in the base system being like a pre-installed port. It will be very hopeful too when security issues are discovered, because instead of patching the system base (and rebuilding the world...) we = have only to do a portupgrade... Saving times :) An other interest in doing this, is that the system will be reported unsecure by portaudit... OpenSSH should have the same treatment :) -- Cl=E9ment Moulin SimpleRezo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000a01c6eee3$8e56d500$7006a8c0>