Full Disclosure mailing list archives
OpenSSL - dynamically linked binaries?
From: Honza Vlach <janus () volny cz>
Date: Mon, 22 Mar 2004 10:27:12 +0100
Hello, I have upgraded my servers to latest OpenSSL version (0.9.7d) and restarted all daemons linked to it. Still, I'm a bit confused about what else should I recompile. I have checked apache mod_ssl and php module, which are both dynamically linked to the libssl.so.0.9.7. The thing, that confuses me lot is, when I look on the phpinfo(), it says "OpenSSL version 0.9.7c", which it was compiled against. Does this mean, that I'm still vulnerable, or it is just version hardcoded to the binary, while the library itself was sucessfully reloaded? What should be recompiled when there is new OpenSSL version issued? Have a nice day, Honza Vlach
Attachment:
_bin
Description:
Current thread:
- OpenSSL - dynamically linked binaries? Honza Vlach (Mar 22)
- Re: OpenSSL - dynamically linked binaries? ja6.com (Mar 22)
- Re: OpenSSL - dynamically linked binaries? Bram Matthys (Syzop) (Mar 22)
- <Possible follow-ups>
- Re: OpenSSL - dynamically linked binaries? Honza Vlach (Mar 22)