openssl from ports

Randal L. Schwartz merlyn at
Fri Mar 2 22:12:32 UTC 2012

>>>>> "Maxim" == Maxim Khitrov <max at> writes:

Maxim> On Fri, Mar 2, 2012 at 5:00 PM, Randal L. Schwartz
Maxim> <merlyn at> wrote:
>> I know openssl is in the core, but the version in FreeBSD 8.2 is
>> vulnerable to some recent attacks.  (Hmm, I wonder why there hasn't been
>> an 8.2 update then...)

Maxim> Which attacks are you referring to?

Theoretically, this should have triggered a FreeBSD 8.2 security update,
now that I keep thinking about it.  Did I miss an announcement in the
past few days?

>> I installed the version from ports, which was recently updated, but now
>> I'm not sure how to get my other ports to use that port instead of the
>> core libraries.  Is it sufficient to restart the apps (apache in
>> particular), or do I need to recompile things?

Maxim> You will need to recompile ports that depend on OpenSSL, passing
Maxim> WITH_OPENSSL_PORT= flag to make. My preferred way to do this is to
Maxim> install ports-mgmt/portconf and use something like this for
Maxim> /usr/local/etc/ports.conf:


Is that the same as setting it in /etc/make.conf ? That's where I have
"WITHOUT_X11=yes".  And you're gonna regret that WITHOUT_IPV6 in a
couple of months. :)

(Googling a bit..)

Oh, it makes it easier to make it non-universal.  Cool.

Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at> <URL:>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See for Smalltalk discussion

More information about the freebsd-questions mailing list