Salut,
On Fri, Jul 17, 2009 at 04:39:13PM -0400, Taylor R Campbell wrote:
> The problem was that Updating src/lib/libcrypto brought in Joerg
> Sonnenberger's change to make libcrypto use libc's new SHA-224
> implementation -- but since I had not also installed a new libc,
> loading any object linked against libcrypto would fail.
I guess so, but I don't think we can guarantee that the instructions
of an advisory won't "go bad" due to a separate advisory (which will
be issued soon, by the way).
I think the binary updates I was working on would solve this problem,
but due to too many demands on various sides ("You must send full file
replacements", "You must use PGP, not SSL") I had to put this project
in the fridge until I have time to take care of them all.
Tonnerre
Attachment:
pgpEFKdU4H74b.pgp
Description: PGP signature