>>>>> "Maxim" == Maxim Khitrov <[email protected]> writes:
Maxim> On Fri, Mar 2, 2012 at 5:00 PM, Randal L. Schwartz Maxim> <[email protected]> wrote: >> >> I know openssl is in the core, but the version in FreeBSD 8.2 is >> vulnerable to some recent attacks. (Hmm, I wonder why there hasn't been >> an 8.2 update then...) Maxim> Which attacks are you referring to? http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109 Theoretically, this should have triggered a FreeBSD 8.2 security update, now that I keep thinking about it. Did I miss an announcement in the past few days? >> I installed the version from ports, which was recently updated, but now >> I'm not sure how to get my other ports to use that port instead of the >> core libraries. Is it sufficient to restart the apps (apache in >> particular), or do I need to recompile things? Maxim> You will need to recompile ports that depend on OpenSSL, passing Maxim> WITH_OPENSSL_PORT= flag to make. My preferred way to do this is to Maxim> install ports-mgmt/portconf and use something like this for Maxim> /usr/local/etc/ports.conf: Maxim> *: WITHOUT_IPV6 | WITHOUT_NLS | WITHOUT_X11 | WITHOUT_GTK | WITH_OPENSSL_PORT Is that the same as setting it in /etc/make.conf ? That's where I have "WITHOUT_X11=yes". And you're gonna regret that WITHOUT_IPV6 in a couple of months. :) (Googling a bit..) Oh, it makes it easier to make it non-universal. Cool. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[email protected]> <URL:http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
