Re: SA2010-011: why update libcrypto and librcypt?

To: manu%NetBSD.org@localhost (Emmanuel Dreyfus), tech-security%NetBSD.org@localhost
Subject: Re: SA2010-011: why update libcrypto and librcypt?
From: jnemeth%victoria.tc.ca@localhost (John Nemeth)
Date: Mon, 1 Nov 2010 10:01:46 -0700

On Mar 24,  8:20am, Emmanuel Dreyfus wrote:
} 
} SA2010-011 tells about a vulnerability in ssl3_get_key_exchange() and
} explains how to update the system to fix it.
} 
} In the updating information, we aretold to rebuild and install libcrypt
} and libcrypto. Is that necessary? None of them have a referecence to
} ssl3_get_key_exchange().

     Because starting with a clean tree you can't compile libssl
without compiling libcrypto and libcrypt first since libssl links
against the latter two.

}-- End of excerpt from Emmanuel Dreyfus

Follow-Ups:
- Re: SA2010-011: why update libcrypto and librcypt?
  - From: Emmanuel Dreyfus

References:
- SA2010-011: why update libcrypto and librcypt?
  - From: Emmanuel Dreyfus

Prev by Date: SA2010-011: why update libcrypto and librcypt?
Next by Date: Re: SA2010-011: why update libcrypto and librcypt?
Previous by Thread: SA2010-011: why update libcrypto and librcypt?
Next by Thread: Re: SA2010-011: why update libcrypto and librcypt?
Indexes:

Home | Main Index | Thread Index | Old Index