Why Fedora 10 still uses openssl pkg from 2007, 4 releases old?
Frantisek Hanzlik
franta at hanzlici.cz
Fri Jan 9 00:09:41 UTC 2009
Rick Stevens wrote:
> Frantisek Hanzlik wrote:
>> After upgrading from F7 to F10 it's unable (for me, but on several sites)
>> access to sendmail daemon with authenticated access by either TLS
>> (port 25)
>> or SSL (port 465) protocols from M$ Outlook (Express too). I still make
>> on right description this issue, its look like some problem in
>> certificate
>> exchange.
>> But no matter how it's related with, surprising for me is fact,
>> that Fedora 10 uses openssl package version 0.9.8g released in 2007,
>> while actual released version is 0.9.8j, four versions newer.
>
> If you check the source RPM's spec file, you'll see that most (if not
> all) of the "j" patches have been backported to the "g" version. The
> trick is that the "j" version bumps the .so for /lib[64]/libcrypto.so.7
> and /lib[64]/libssl.so.7 from ".7" to ".8" and a lot of existing code
> would break because they want .7. Hope that explains it for you.
>
> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer ricks at nerd.com -
> - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
> - -
> - If you're not part of the solution, you're part of the precipitate -
> ----------------------------------------------------------------------
Rick, thank for Your response.
But - yes, I know just was released F10 openssl pkg 0.9.8g release 12,
and I read it's changelog, thus I know what was backported to this.
But I'm not agree about You these "lot of existing code would break
because ..", as when I ask:
rpm -q --whatrequires openssl
tinyca2-0.7.5-4.fc10.noarch
dovecot-1.1.7-1.fc10.i386
openldap-servers-2.4.12-1.fc10.i386
nash-6.0.71-3.fc10.i386
NetworkManager-0.7.0-1.git20090102.fc10.i386
sendmail-8.14.3-3.fc10.i386
openssl-devel-0.9.8g-12.fc10.i386
openssl-perl-0.9.8g-12.fc10.i386
(and I have relative large system with packages from rpmfusion, dries,
atrpms, planetccrma and others) - thus, I think, only packages
depend on openssl are some little from Fedora own repository.
I'm right?
Franta Hanzlik
More information about the fedora-list
mailing list