search for: _letter_

What risk exists in changing the check for the matching version of openssl so that the final letter part of the version (e.g. 0.9.6c vs. 0.9.6d) is ignored? Are there any security vulnerabilities in such a thing? What if ssh(d) is linked against an older _letter_ version such as 0.9.6c and now finds the library is 0.9.6d? Is there a security risk in that? Surely a major API change would not happen between version c and version d, would it? My concern here is that openssl's versioning scheme is broken, and depending on it causes problems. For example...