http://bugzilla.suse.com/show_bug.cgi?id=1129411
http://bugzilla.suse.com/show_bug.cgi?id=1129411#c2
Vítězslav Čížek changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vcizek@suse.com
--- Comment #2 from Vítězslav Čížek ---
You have installed a different openssl library than the tor package was
compiled with.
In this case it's a harmless warning.
OpenSSL guarantees binary compatibility over letter and the third digit
numbers.
Eg. 1.1.0i and 1.1.1a are binary compatible.
You can check the ABI changes between the openssl versions here:
https://abi-laboratory.pro/?view=timeline&l=openssl
Starting with the next major release of OpenSSL, there will be a change
in the versioning:
https://www.openssl.org/policies/releasestrat.html
But that's something for the future.
To sum it up, the version check in Tor is just too strict.
It expects the very same version (the same openssl version number and
the version text) for runtime as it was compiled with.
I find that unnecessary and the test could certainly be relaxed.
I know Tor takes the security of its users seriously, but IMHO here it's
just being overly rigorous.
--
You are receiving this mail because:
You are on the CC list for the bug.