Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 2 Mar 2012 17:07:09 -0500
From:      Maxim Khitrov <max@mxcrypt.com>
To:        "Randal L. Schwartz" <merlyn@stonehenge.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: openssl from ports
Message-ID:  <CAJcQMWe2807i-8Xcb=+R31LKfL-OEyd7eHiLop6Mg6j_m5K_4A@mail.gmail.com>
In-Reply-To: <86fwdqvf2x.fsf@red.stonehenge.com>
References:  <86fwdqvf2x.fsf@red.stonehenge.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Fri, Mar 2, 2012 at 5:00 PM, Randal L. Schwartz
<merlyn@stonehenge.com> wrote:
>
> I know openssl is in the core, but the version in FreeBSD 8.2 is
> vulnerable to some recent attacks. =C2=A0(Hmm, I wonder why there hasn't =
been
> an 8.2 update then...)

Which attacks are you referring to?

> I installed the version from ports, which was recently updated, but now
> I'm not sure how to get my other ports to use that port instead of the
> core libraries. =C2=A0Is it sufficient to restart the apps (apache in
> particular), or do I need to recompile things?

You will need to recompile ports that depend on OpenSSL, passing
WITH_OPENSSL_PORT=3D flag to make. My preferred way to do this is to
install ports-mgmt/portconf and use something like this for
/usr/local/etc/ports.conf:

*: WITHOUT_IPV6 | WITHOUT_NLS | WITHOUT_X11 | WITHOUT_GTK | WITH_OPENSSL_PO=
RT

- Max



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CAJcQMWe2807i-8Xcb=+R31LKfL-OEyd7eHiLop6Mg6j_m5K_4A>