On Tue, Feb 12, 2008 at 08:34:20PM -0500, Jeff wrote:
> I have some Fedora 5 systems on which I'd like to upgrade openssl. I'm
> currently running 0.9.8a-5.4, which is reported by yum as the latest
> version:
>
Many O/S vendors backport bugfixes from OpenSSL "patch" releases,
so, for example, instead of updating to 0.9.8g, they will import just the
bug fixes from 0.9.8g back to the base 0.9.8a version.
I don't blame them. The OpenSSL "patch" releases are hybrid patch and
feature releases, and distributions want a stable feature-set at a
particular release level.
It could also be as simple as wanting to keep the package name the same.
What does "openssl version" report? If that also reports "0.9.8a",
then most likely the vendor backports fixes. Sadly, in that case, one
can't tell at a glance which OpenSSL patch level a vendor release like
"0.9.8-5.4" corresponds to.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
