rollingbits (Lucas)
2015-Jun-14 02:28 UTC
FreeBSD Security Advisory FreeBSD-SA-15:10.openssl
On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories wrote:> 1) Upgrade your vulnerable system to a supported FreeBSD stable or > release / security branch (releng) dated after the correction date.Do I need rebuild my packages too? -- rollingbits -- rollingbits at gmail.com, rollingbits at terra.com.br lucasnm at ig.com.br, rollingbits at yahoo.com, rollingbits at globo.com Get my public GPG key in http://rollingbits.tripod.com/mykey.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 181 bytes Desc: not available URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20150613/3511d22b/attachment.sig>
On 13/06/2015 22:28, rollingbits (Lucas) wrote:> On Fri, Jun 12, 2015 at 07:43:30AM +0000, FreeBSD Security Advisories wrote: >> 1) Upgrade your vulnerable system to a supported FreeBSD stable or >> release / security branch (releng) dated after the correction date. > > Do I need rebuild my packages too?You need to rebuild and re-install the ports version of OpenSSL, if you're using it. You need to rebuild and re-install anything that is statically linked against OpenSSL libraries (either ports or base). This is trickier than it sounds, because you need to either look at the source code / Makefiles for the software, or use nm(1), objdump(1) or similar to check for symbols from OpenSSL libraries in your statically linked binaries. Fortunately, static linking against OpenSSL is a pretty unusual thing to do. Having done the above, you need to restart anything that loads OpenSSL shared libraries. That tends to be most network-aware software, so in many cases it might be easier to just reboot. Cheers, Matthew -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 971 bytes Desc: OpenPGP digital signature URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20150614/80873c45/attachment.sig>