openssldoesn't -overwrite-base again (was:
FreeBSD-SA-08:05.openssh)
Roger Marquis
marquis at roble.com
Tue Apr 22 18:14:03 UTC 2008
Dirk Meyer wrote:
> The -overwrite-base option was only functional on FreeBSD 4.x
> With FreeBSD 5.x the libs are spread in /lib and /usr/lib, so
> even if the ports overwrite base libs, some tools still use the
> old (unpatched) libs from /lib.
Couldn't this be addressed simply by removing the old libs,
possibly replacing with symlinks, in coordination with the
standard/base?
We shouldn't need to worry about base applications linked to the
old libs anyhow, unless a base app is making unreasonable
expectations. Better to fix those bugs in base, IMO, than have
multiple versions of key libraries.
Roger Marquis
More information about the freebsd-security
mailing list