Subject: Re: openssl confusion
To: Oleg Polyanski <>
From: None <>
List: tech-pkg
Date: 08/13/2002 14:26:13
> Could please anyone explain to me why some packages now require the
> openssl package instead of using the in-tree version?  This leads
> to two different versions of the same piece of software to be
> maintained. I searched the archives but have not found any
> explanation for that.

	what version of openssl do you have in-tree? (check
	/usr/include/openssl/opensslv.h)  pkgsrc/security/openssl/
	detects if in-tree version is vulnerable or not, so it seems to me
	that you have a vulnerable version in-tree.