httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53512] OPENSSL_NO_SSL_INTERN should not be defined with OPENSSL_VERSION_NUMBER 0x10001000
Date Sun, 08 Jul 2012 10:00:02 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53512

Kaspar Brand <asfbugz@velox.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Hardware|PC                          |All
           Severity|major                       |normal

--- Comment #1 from Kaspar Brand <asfbugz@velox.ch> ---
Increasing the version check to require 1.0.1-beta1 is a way to address this,
that's right, but frankly, the proper fix is for NetBSD to pick up a *released*
version of OpenSSL.

Both 6.0_BETA2 and 6.99.8 seem to have a snapshot from 5 June 2011
(http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssl/dist/crypto/opensslv.h?rev=HEAD)
- which lacks numerous fixes compared to 1.0.1, and of course even more
compared to 1.0.1c: see e.g.
http://cvs.openssl.org/filediff?f=openssl/CHANGES&v1=1.1481.2.56&v2=1.1481.2.56.2.103.

I would really urge NetBSD to pull up a more recent OpenSSL *release* (and not
repeat the exercise they did in 5.x, with the 0.9.9-dev snapshot... I was
really hoping for this to be a one-time screw up).

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message