On 13/06/2015 22:28, rollingbits (Lucas) wrote: > On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories wrote: >> 1) Upgrade your vulnerable system to a supported FreeBSD stable or >> release / security branch (releng) dated after the correction date. > > Do I need rebuild my packages too?
You need to rebuild and re-install the ports version of OpenSSL, if
you're using it.
You need to rebuild and re-install anything that is statically linked
against OpenSSL libraries (either ports or base). This is trickier than
it sounds, because you need to either look at the source code /
Makefiles for the software, or use nm(1), objdump(1) or similar to check
for symbols from OpenSSL libraries in your statically linked binaries.
Fortunately, static linking against OpenSSL is a pretty unusual thing to do.
Having done the above, you need to restart anything that loads OpenSSL
shared libraries. That tends to be most network-aware software, so in
many cases it might be easier to just reboot.
Cheers,
Matthew
signature.asc
Description: OpenPGP digital signature
