On Thu, Jan 16, 2003 at 09:48:35AM -0400, James Oakley wrote:
On Thursday 16 January 2003 08:23 am, Daniel Bye wrote:
Hi folks,
I am relatively new to SuSE (but not to Linux and UNIX-like OSen), and have come across a problem. I want to upgrade the default OpenSSL RPM installed when the box was built (it is 8.0). I am unable to find a SuSE RPM for OpenSSL 0.9.6g/h or 0.9.7 anywhere out there (have tried rpmfind, ...snip...
Is this for security or is there some feature you absolutely need? I *highly* recommend using the latest SuSE-provided 8.0-specific OpenSSL.
I'm trying to build postfix/TLS, and want to upgrade to a more recent version of OpenSSL (I recall from a few weeks ago, a report from CERT, CA-2002-23, advising users of OpenSSL to upgrade to 0.9.6e or later).
Remember that SuSE fixes the holes and keeps the version the same. This is to avoid integration issues such as new APIs, different file locations/names, etc.
OK, I didn't know that. Do you know the rationale behind the policy? It must prove very confusing to those who don't know about it. So, effectively, the openssl RPM on the update site should install a version more recent than 0.9.6c, even though it still bears the release number 0.9.6c?

Also, I am reasonably confident the OpenSSL project members take into account the need to support obsoleted API features from release to release, particularly along the same development branch.

Thanks,
Dan