With important updates just out for both gnutls and openssl:
As well as updating the packages in question, are there any specific services that also need to be restarted?
And are there any commonly-compiled applications that need recompiling? I don't know how things work when a third party package is involved - do they just link to something or do they use some code from the package?
I'm thinking specifically about spamdyke and nrpe in particular (nrpe, I think, required openssl-devel before it will compile ) and spamdyke does some TLS stuff if compiled correctly. But I don't know how these things link, if at all, with the just updated packages.
openssl and gnutls
openssl and gnutls
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
-
scott
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: openssl and gnutls
Provided you are dealing with a dynamically linked shared object that does not change targets, you should not have to rebuild anything in most cases.
The conditions where you would:
1) the target library changing, ie: libfoo.so.1 becomes libfoo.so.2.
2) Something in the API has changed that the linked application needs to be aware of. Say for example an application has an ifdef on a feature that was recently added in a library change. The previous build would not be able to take that into account unless it is rebuilt (and detected).
Item 2 is subtle, and knowing when this happens really involves deep understanding of how all the parts work together in the application. If you're not sure, recompile.
The conditions where you would:
1) the target library changing, ie: libfoo.so.1 becomes libfoo.so.2.
2) Something in the API has changed that the linked application needs to be aware of. Say for example an application has an ifdef on a feature that was recently added in a library change. The previous build would not be able to take that into account unless it is rebuilt (and detected).
Item 2 is subtle, and knowing when this happens really involves deep understanding of how all the parts work together in the application. If you're not sure, recompile.