Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Did RedHat's OpenSSL patch miss Apache?
From: Todd Vierling (tvduh.org)
Date: Mon May 10 2004 - 15:13:32 CDT
On Sun, 9 May 2004, gf gf wrote:
: It seems to me that Apache uses its own copy of
: libssl, which is not part of the openssl RPM and hence
: not updated by the RedHat RPM update. (And is still
: $ rpm -q -f /usr/lib/apache/libssl.so
Are you sure that's libssl the OpenSSL library and not libssl the Apache
module? Try the following:
$ ldd /usr/lib/apache/libssl.so
If you see /usr/lib/libssl.so.* in the list, then this is a red herring --
the /usr/lib/apache/libssl.so is just the Apache module glue and is properly
using OpenSSL from /usr/lib like everything else.
-- Todd Vierling <tvduh.org> <tvpobox.com>