From owner-freebsd-security@FreeBSD.ORG Thu Oct 4 09:47:00 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 243C916A417 for ; Thu, 4 Oct 2007 09:46:58 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id D6FE413C4B5 for ; Thu, 4 Oct 2007 09:46:57 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (localhost [127.0.0.1]) by spam.des.no (Postfix) with ESMTP id 671E920C8; Thu, 4 Oct 2007 11:30:32 +0200 (CEST) X-Spam-Tests: AWL X-Spam-Learn: disabled X-Spam-Score: -0.0/3.0 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on tim.des.no Received: from ds4.des.no (des.no [80.203.243.180]) by smtp.des.no (Postfix) with ESMTP id 5A2C520C7; Thu, 4 Oct 2007 11:30:32 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 3C0A884486; Thu, 4 Oct 2007 11:30:32 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Vladimir Terziev References: <200710032158.l93LwUfM089929@freefall.freebsd.org> <20071004103608.e67dd613.vlady@gbservices.biz> Date: Thu, 04 Oct 2007 11:30:31 +0200 In-Reply-To: <20071004103608.e67dd613.vlady@gbservices.biz> (Vladimir Terziev's message of "Thu\, 4 Oct 2007 10\:36\:08 +0300") Message-ID: <86ir5nqlag.fsf@ds4.des.no> User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.1 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-07:08.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Oct 2007 09:47:00 -0000 Vladimir Terziev writes: > I have applied the patch on a FreeBSD 6.2-RELEASE system and several > of the services (courier-imap, postfix) on the machine stopped. > > I got the following error: > > /libexec/ld-elf.so.1: /usr/lib/libssl.so.4: Undefined symbol > "EVP_idea_cbc" You fat-fingered the update, either by building with a different set of options than previously, or by checking out only a partial tree. The simplest fix is to check out a full RELENG_6_2 tree and build and install world. > I compared SSL libraries on the patched system with the same, but on > unpatched system. The difference, i found, is an extra library in > /usr/lib, on the patched system -- ``/usr/lib/libssl_p.a''. That's a profiling version of libssl; it isn't used on a production system and has no part in this. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no