[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: openssl upgrade issue (merged)

To: <misc@openbsd.org>
Subject: Re: openssl upgrade issue (merged)
From: tempo <tempo@zeus.sorcery.ca>
Date: Tue, 1 Oct 2002 00:55:22 -0500 (EST)

> If you want to upgrade OpenSSL because of security issues, don't -
> just use CVS or patches.

It is for security reasons that this was done.

There are no openssl patches for 2.9 that I'm aware of. Thus my mistake.
I've never *successfully* used CVS because I've not had the surplus time
to learn the process sufficiently. I hate to sound so incompetant, but
that's life in the trenches for you. Spare time is a luxury. I chose to
use OpenBSD because it offers excellent security in the least amount of
time.

> You attempted to take their software and compile it on OpenBSD. We
> compensate for a lot of bugs in their software.  All sorts of things.

What would your suggested course of action be to correct this with the
minimum amount of down time on a production server?

-Shaun

Follow-Ups:
- Re: openssl upgrade issue (merged)
  - From: Carl Brewer <carl@bl.echidna.id.au>

Prev by Date: Re: Follow-up: Squirrelmail in chrooted Apache
Next by Date: Fw: Re: Follow-up: Squirrelmail in chrooted Apache (verification)
Prev by thread: Re: Follow-up: Squirrelmail in chrooted Apache
Next by thread: Re: openssl upgrade issue (merged)
Index(es):
- Date
- Thread