FreeBSD Security Advisory FreeBSD-SA-07:08.openssl
Vladimir Terziev
vlady at gbservices.biz
Thu Oct 4 02:44:17 PDT 2007
Dag-Erling,
i have to apologize for the question.
The problem was implied by me, since i put in my /etc/make.conf, MAKE_IDEA=yes. It seems, the FreeBSD 6.2-RELEASE is not built with this option set and the original SSL libraries do not have support for IDEA in them.
I have commented the option and after the re-build of patched SSL libraries i have all services working fine as before.
Best regards,
Vladimir
On Thu, 04 Oct 2007 11:30:31 +0200
Dag-Erling Smørgrav <des at des.no> wrote:
> Vladimir Terziev <vlady at gbservices.biz> writes:
> > I have applied the patch on a FreeBSD 6.2-RELEASE system and several
> > of the services (courier-imap, postfix) on the machine stopped.
> >
> > I got the following error:
> >
> > /libexec/ld-elf.so.1: /usr/lib/libssl.so.4: Undefined symbol
> > "EVP_idea_cbc"
>
> You fat-fingered the update, either by building with a different set of
> options than previously, or by checking out only a partial tree. The
> simplest fix is to check out a full RELENG_6_2 tree and build and
> install world.
>
> > I compared SSL libraries on the patched system with the same, but on
> > unpatched system. The difference, i found, is an extra library in
> > /usr/lib, on the patched system -- ``/usr/lib/libssl_p.a''.
>
> That's a profiling version of libssl; it isn't used on a production
> system and has no part in this.
>
> DES
> --
> Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list