Would this question be more appropriate for freebsd-ports, if not here?

I figured the ability (or lack of) to upgrade the default OpenSSL is more of a
security issue first, then a ports issue second. I don't want to install OpenSSL
manually using the source and have two different versions on my system. I
want to replace the default version 0.9.6a with 0.9.6b (0.9.6c would be really
nice). Could someone please comment on how this can (or cannot, and why) be
done?

>Normally, yes, that's what it is for, but not in this case. >From /usr/ports/security/openssl/Makefile:

>#FORBIDDEN= "OpenSSL is already in the base system"

>-S
> -----Original Message-----
> From: Jeff Palmer [mailto:scorpiodrkshdw.org]
> Sent: Thursday, April 18, 2002, 12:39 AM
> To: solarfluxziplip.com
> Subject: Re: Upgrading default OpenSSL
>
> Do you happen to know what the forbidden= is for?
> Typically its due to a security related issue. It seems to me that you
> want the latest/greatest OpenSSL/OpenSSH for security purposes.. so I'd
> think this whole idea of commenting out the line, would be
> counter-productive..
>> ----- Original Message -----
> From: "SolarfluX" <solarfluxziplip.com>
> To: <freebsd-securityfreebsd.org>
> Sent: Thursday, April 18, 2002 3:33 AM
> Subject: Upgrading default OpenSSL
>>
> > Hi,
> >
> > I'd like to upgrade the default version of OpenSSL (0.9.6a) on 4.5-STABLE
> to the latest available in ports (0.9.6b). I upgraded the default OpenSSH
> to 3.1p using an entry in /etc/make.conf:
> >
> > OPENSSH_OVERWRITE_BASE=YES
> >
> > Can the same thing be done with OpenSSL (i.e. OPENSSL_OVERWRITE_BASE=YES),
> after commenting out the FORBIDDEN lines in the Makefile?
> >
> > When will 0.9.6c (released Dec. 21, 2001) be incorporated?
> >
> > TIA

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]